01_CD_MP

pw/pw-jwt-oauth/client/package.json

@@ -18,6 +18,7 @@
     "@angular/platform-browser": "~13.0.0",
     "@angular/platform-browser-dynamic": "~13.0.0",
     "@angular/router": "~13.0.0",
+    "maven": "^5.0.0",
     "ngx-webstorage": "^9.0.0",
     "rxjs": "~7.4.0",
     "tslib": "^2.3.0",
@@ -37,4 +38,4 @@
     "karma-jasmine-html-reporter": "~1.7.0",
     "typescript": "~4.4.3"
   }
-}
+}

pw/pw-jwt-oauth/client/src/app/services/auth/auth-jwt.interceptor.ts

@@ -18,22 +18,24 @@ export class JwtInterceptor implements HttpInterceptor {
     private ng2localStorage: LocalStorageService,
     private ng2sessionStorage: SessionStorageService,
     private router: Router
-  ) {}
+  ) {
+  }
 
   intercept(
     req: HttpRequest<any>,
     next: HttpHandler
   ): Observable<HttpEvent<any>> {
-    //  retrieve jwt token from client storage (local or session) with the key 'authenticationToken'
-    // let token = this.ng2localStorage.retrieve(....) || this.ng2sessionStorage.retrieve(....);
-    //  verify token is present
-    // if (...){
-    //  set authorization header in the request with the token : 'Authorization: Bearer __token__'
-    // req = req.clone({
-    //   setHeaders: {
-    //     Authorization: ....
-    //   }
-    // });
+    let token = this.ng2localStorage.retrieve('authenticationToken') || this.ng2sessionStorage.retrieve('authenticationToken');
+    // get the JWT token from the client's storage
+    if (token) {
+      // check if the token is present
+      req = req.clone({
+        setHeaders: {
+          Authorization: `Bearer ${token}`
+          // set authorization header
+        }
+      });
+    }
 
     return next.handle(req).pipe(
       tap(

pw/pw-jwt-oauth/client/src/app/services/auth/auth-jwt.service.ts

@@ -30,20 +30,22 @@ export class AuthServerProvider {
         map((resp) => this.authenticateSuccess(resp, credentials.rememberMe))
       );
   }
-
-  // TODO PW-JWT-auth
-  // In case of authentication success , get the JWT from the response and store it in client storage
+
+  // Get JWT in case of authentication success and store it in client storage
   authenticateSuccess(resp: HttpResponse<any>, rememberMe: boolean) {
-    // BearerToken to retrieve from Authorization Header ( use resp.headers.get )
-    //  let bearerToken = resp.headers.get('....');
-    // Verify the content of the authorization header is indeed a bearer token  and not null ( use slice on string)
-    //  if (bearerToken && ...)
-    // retrieve the token by removing the "Bearer" string with slice function
-    //  let jwt = bearerToken.slice(.....);
-    // store the jwt in the credentials ( use  storeAuthenticationToken )
-    // this.storeAuthenticationToken(.....);
-    // return the jwt
-    return resp;
+    let bearerToken = resp.headers.get("Authorization");
+    let jwt;
+
+    // Verify the bearerToken
+    if(bearerToken?.slice(0,6) == "Bearer"){
+
+      // Retrieve the token from bearerToken
+      jwt = bearerToken.slice(7);
+
+      // Store the jwt in the credentials
+      this.storeAuthenticationToken(jwt, rememberMe)
+    }
+    return jwt;
   }
 
   loginWithToken(jwt: string, rememberMe: boolean) {

pw/pw-jwt-oauth/server/src/main/java/com/worldline/bookstore/config/SecurityConfiguration.java

@@ -100,10 +100,10 @@ protected void configure(HttpSecurity http) throws Exception {
                 .antMatchers("/management/health").permitAll()
                 .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)
                 .antMatchers("/v2/api-docs/**").hasAuthority(AuthoritiesConstants.ADMIN)
-        // .and()
-        // .apply(securityConfigurerAdapter())
+                .and()
+                .apply(securityConfigurerAdapter())
         ;
-        // TODO uncomment this line to activate JWT filter
+        // Uncomment line 103 & 104 to activate the JWT configurer
 
     }