Class AppAuthorizationFilter
java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
org.springframework.security.web.authentication.www.BasicAuthenticationFilter
com.app.security.filter.AppAuthorizationFilter
- All Implemented Interfaces:
jakarta.servlet.Filter,org.springframework.beans.factory.Aware,org.springframework.beans.factory.BeanNameAware,org.springframework.beans.factory.DisposableBean,org.springframework.beans.factory.InitializingBean,org.springframework.context.EnvironmentAware,org.springframework.core.env.EnvironmentCapable,org.springframework.web.context.ServletContextAware
public class AppAuthorizationFilter
extends org.springframework.security.web.authentication.www.BasicAuthenticationFilter
Custom filter to handle authorization by parsing the access token from the request.
This filter checks the HTTP request for an Authorization header containing a Bearer token,
parses the token using TokenService, and sets the authentication in the security context
if the token is valid. This allows the application to identify the authenticated user and their roles.
-
Field Summary
Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIXFields inherited from class org.springframework.web.filter.GenericFilterBean
logger -
Constructor Summary
ConstructorsConstructorDescriptionAppAuthorizationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, TokenService tokenService) -
Method Summary
Modifier and TypeMethodDescriptionprotected voiddoFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain) Filters the incoming request to parse the Authorization header and extract the access token.Methods inherited from class org.springframework.security.web.authentication.www.BasicAuthenticationFilter
afterPropertiesSet, authenticationIsRequired, getAuthenticationEntryPoint, getAuthenticationManager, getCredentialsCharset, isIgnoreFailure, onSuccessfulAuthentication, onUnsuccessfulAuthentication, setAuthenticationConverter, setAuthenticationDetailsSource, setCredentialsCharset, setRememberMeServices, setSecurityContextHolderStrategy, setSecurityContextRepositoryMethods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatchMethods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext
-
Constructor Details
-
AppAuthorizationFilter
public AppAuthorizationFilter(org.springframework.security.authentication.AuthenticationManager authenticationManager, TokenService tokenService) - Parameters:
authenticationManager- the authentication manager used to authenticate the usertokenService- the service responsible for parsing and validating the access token
-
-
Method Details
-
doFilterInternal
protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain) throws IOException, jakarta.servlet.ServletException Filters the incoming request to parse the Authorization header and extract the access token.If the Authorization header is present and contains a valid Bearer token, this method will parse the token using the
TokenServiceand set the authentication in the security context.- Overrides:
doFilterInternalin classorg.springframework.security.web.authentication.www.BasicAuthenticationFilter- Parameters:
request- the HTTP requestresponse- the HTTP responsechain- the filter chain- Throws:
IOException- if an I/O error occursjakarta.servlet.ServletException- if a servlet exception occurs
-