OAUTH2 - AUTHORIZATION SERVER

TABLAS  NECESARIAS  EN BASE DE DATOS

-- Permission catalogue. NOMBRE is the value the application later turns into
-- a granted authority. NOTE(review): unlike ROL.NOMBRE it is not UNIQUE.
CREATE TABLE PERMISO (
    ID     INTEGER      NOT NULL,
    NOMBRE VARCHAR(100) NOT NULL,
    PRIMARY KEY (ID)
);

-- Surrogate-key generator for PERMISO.ID.
CREATE SEQUENCE PERMISO_SEQ
    START WITH 1
    INCREMENT BY 1
    MINVALUE 1
    MAXVALUE 999999999999999999999999999
    CACHE 20;

-- Role catalogue; role names are unique.
CREATE TABLE ROL (
    ID     INTEGER     NOT NULL,
    NOMBRE VARCHAR(50) NOT NULL,
    PRIMARY KEY (ID),
    UNIQUE (NOMBRE)
);

-- Surrogate-key generator for ROL.ID.
CREATE SEQUENCE ROL_SEQ
    START WITH 1
    INCREMENT BY 1
    MINVALUE 1
    MAXVALUE 999999999999999999999999999
    CACHE 20;

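-- Junction table: which permissions each role carries.
-- The UNIQUE constraint stops the same permission being attached to a role
-- twice, which would otherwise surface as duplicate rows in every
-- permission lookup that joins through this table.
CREATE TABLE ROL_PERMISO (
    ID         INTEGER NOT NULL,
    ID_ROL     INTEGER NOT NULL,
    ID_PERMISO INTEGER NOT NULL,
    PRIMARY KEY (ID),
    CONSTRAINT ROL_PERMISO_ROL_FK FOREIGN KEY (ID_ROL) REFERENCES ROL (ID),
    CONSTRAINT ROL_PERMISO_PERMISO_FK FOREIGN KEY (ID_PERMISO) REFERENCES PERMISO (ID),
    CONSTRAINT ROL_PERMISO_UQ UNIQUE (ID_ROL, ID_PERMISO)
);

-- Surrogate-key generator for ROL_PERMISO.ID.
CREATE SEQUENCE ROL_PERMISO_SEQ
    MINVALUE 1
    MAXVALUE 999999999999999999999999999
    START WITH 1
    INCREMENT BY 1
    CACHE 20;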

-- Application accounts. USERNAME is the login identifier and must be unique.
-- PASSWORD holds the stored password value; the seed rows on this page use
-- BCrypt strings ("$2a$10$..."), never the clear-text password.
CREATE TABLE USUARIO (
    ID          INTEGER      NOT NULL,
    NOMBRE      VARCHAR(50)  NOT NULL,
    APE_PATERNO VARCHAR(50)  NOT NULL,
    APE_MATERNO VARCHAR(50)  NOT NULL,
    USERNAME    VARCHAR(50)  NOT NULL,
    PASSWORD    VARCHAR(100) NOT NULL,
    EMAIL       VARCHAR(50)  NULL,
    TELEFONO    VARCHAR(20)  NULL,
    PRIMARY KEY (ID),
    UNIQUE (USERNAME)
);

-- Surrogate-key generator for USUARIO.ID.
CREATE SEQUENCE USUARIO_SEQ
    START WITH 1
    INCREMENT BY 1
    MINVALUE 1
    MAXVALUE 999999999999999999999999999
    CACHE 20;

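-- Junction table: which roles each user holds.
-- The UNIQUE constraint prevents assigning the same role to a user twice.
-- NOTE(review): several different roles per user are still allowed; the user
-- lookup then returns one row per role, so confirm the consumer handles that.
CREATE TABLE USUARIO_ROL (
    ID         INTEGER NOT NULL,
    ID_ROL     INTEGER NOT NULL,
    ID_USUARIO INTEGER NOT NULL,
    PRIMARY KEY (ID),
    CONSTRAINT USUARIO_ROL_ROL_FK FOREIGN KEY (ID_ROL) REFERENCES ROL (ID),
    CONSTRAINT USUARIO_ROL_USUARIO_FK FOREIGN KEY (ID_USUARIO) REFERENCES USUARIO (ID),
    CONSTRAINT USUARIO_ROL_UQ UNIQUE (ID_USUARIO, ID_ROL)
);

-- Surrogate-key generator for USUARIO_ROL.ID.
CREATE SEQUENCE USUARIO_ROL_SEQ
    MINVALUE 1
    MAXVALUE 999999999999999999999999999
    START WITH 1
    INCREMENT BY 1
    CACHE 20;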

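-- Seed data for a fresh schema.
-- Catalogue rows first; the junction rows below resolve their foreign keys by
-- name instead of assuming the sequences handed out exactly 1 and 2.
INSERT INTO PERMISO (ID, NOMBRE) VALUES (PERMISO_SEQ.NEXTVAL, 'ADMIN_ROL');
INSERT INTO PERMISO (ID, NOMBRE) VALUES (PERMISO_SEQ.NEXTVAL, 'VENTAS_ROL');

INSERT INTO ROL (ID, NOMBRE) VALUES (ROL_SEQ.NEXTVAL, 'ADMINISTRADOR');
INSERT INTO ROL (ID, NOMBRE) VALUES (ROL_SEQ.NEXTVAL, 'CAJERO');

-- ADMINISTRADOR carries both permissions; CAJERO only VENTAS_ROL.
INSERT INTO ROL_PERMISO (ID, ID_ROL, ID_PERMISO)
SELECT ROL_PERMISO_SEQ.NEXTVAL, R.ID, P.ID
FROM ROL R
CROSS JOIN PERMISO P
WHERE R.NOMBRE = 'ADMINISTRADOR'
  AND P.NOMBRE = 'ADMIN_ROL';

INSERT INTO ROL_PERMISO (ID, ID_ROL, ID_PERMISO)
SELECT ROL_PERMISO_SEQ.NEXTVAL, R.ID, P.ID
FROM ROL R
CROSS JOIN PERMISO P
WHERE R.NOMBRE = 'ADMINISTRADOR'
  AND P.NOMBRE = 'VENTAS_ROL';

INSERT INTO ROL_PERMISO (ID, ID_ROL, ID_PERMISO)
SELECT ROL_PERMISO_SEQ.NEXTVAL, R.ID, P.ID
FROM ROL R
CROSS JOIN PERMISO P
WHERE R.NOMBRE = 'CAJERO'
  AND P.NOMBRE = 'VENTAS_ROL';

-- NOTE(review): both accounts are seeded with the same BCrypt string, and the
-- matching clear-text password is published with this tutorial. Treat these
-- rows as sample data only: replace the hash (or force a password change)
-- before the schema is reachable by anyone else.
INSERT INTO USUARIO (ID, NOMBRE, APE_PATERNO, APE_MATERNO, USERNAME, PASSWORD, EMAIL, TELEFONO)
VALUES (USUARIO_SEQ.NEXTVAL, 'NERIO', 'BAEZ', 'DELGADO', 'superadmin', '$2a$10$EblZqNptyYvcLm/VwDCVAuBjzZOI7khzdyGPBr08PpIi0na624b8.', 'NBAEZ001@GMAIL.COM', '929181954');
INSERT INTO USUARIO (ID, NOMBRE, APE_PATERNO, APE_MATERNO, USERNAME, PASSWORD, EMAIL, TELEFONO)
VALUES (USUARIO_SEQ.NEXTVAL, 'KITE', 'DANIE', 'DANIE', 'admin', '$2a$10$EblZqNptyYvcLm/VwDCVAuBjzZOI7khzdyGPBr08PpIi0na624b8.', 'NBAEZ001@GMAIL.COM', '929181954');

-- superadmin -> ADMINISTRADOR, admin -> CAJERO (same pairing as the literal ids 1/1 and 2/2).
INSERT INTO USUARIO_ROL (ID, ID_USUARIO, ID_ROL)
SELECT USUARIO_ROL_SEQ.NEXTVAL, U.ID, R.ID
FROM USUARIO U
CROSS JOIN ROL R
WHERE U.USERNAME = 'superadmin'
  AND R.NOMBRE = 'ADMINISTRADOR';

INSERT INTO USUARIO_ROL (ID, ID_USUARIO, ID_ROL)
SELECT USUARIO_ROL_SEQ.NEXTVAL, U.ID, R.ID
FROM USUARIO U
CROSS JOIN ROL R
WHERE U.USERNAME = 'admin'
  AND R.NOMBRE = 'CAJERO';

COMMIT;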

Credenciales:
Usuario: admin
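Password: 123456 (almacenada como hash BCrypt generado con Spring; es una credencial de ejemplo, compartida también por el usuario superadmin, y debe cambiarse antes de cualquier despliegue)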

PROCEDIMIENTO ALMACENADO DE BUSCAR USUARIO
-- Package specification: authentication lookups.
CREATE OR REPLACE PACKAGE PCK_PP_AUTENTICACION AS

    -- Looks up one account by user name.
    --   I_USERNAME   : user name to search for.
    --   O_RESULT     : cursor with the user columns plus ID_ROL / NOMBRE_ROL.
    --   O_RESULT_DET : cursor with the permissions (ID, NOMBRE) reachable through the user's roles.
    --   O_CODIGO     : SQLCODE after the call (0 when no error was raised).
    --   O_MENSAJE    : SQLERRM text matching O_CODIGO.
    PROCEDURE SP_PP_BUSCAR_USUARIO (
        I_USERNAME   IN  VARCHAR2,
        O_RESULT     OUT SYS_REFCURSOR,
        O_RESULT_DET OUT SYS_REFCURSOR,
        O_CODIGO     OUT NUMBER,
        O_MENSAJE    OUT VARCHAR2
    );

END PCK_PP_AUTENTICACION;
/
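-- Package body: authentication lookups.
CREATE OR REPLACE PACKAGE BODY PCK_PP_AUTENTICACION AS

    -- Looks up one account by user name and returns two cursors.
    --   I_USERNAME   : user name to search for. It is used only as a bind
    --                  variable in static SQL, never concatenated into a statement.
    --   O_RESULT     : user columns plus ID_ROL / NOMBRE_ROL; empty when the user
    --                  does not exist, NULL role columns when the user has no role.
    --   O_RESULT_DET : permissions (ID, NOMBRE) granted through the user's roles;
    --                  empty when the user has none.
    --   O_CODIGO     : SQLCODE (0 when both cursors were opened).
    --   O_MENSAJE    : SQLERRM text matching O_CODIGO.
    PROCEDURE SP_PP_BUSCAR_USUARIO (
        I_USERNAME  IN   VARCHAR2,
        O_RESULT     OUT   SYS_REFCURSOR,
        O_RESULT_DET OUT   SYS_REFCURSOR,
        O_CODIGO    OUT   NUMBER,
        O_MENSAJE   OUT   VARCHAR2
    ) AS
    BEGIN
        -- LEFT JOINs keep a user that has no role assigned yet.
        OPEN O_RESULT FOR
            SELECT
                U.ID,
                U.NOMBRE,
                U.APE_PATERNO,
                U.APE_MATERNO,
                U.USERNAME,
                U.PASSWORD,
                U.EMAIL,
                U.TELEFONO,
                R.ID AS ID_ROL,
                R.NOMBRE AS NOMBRE_ROL
            FROM PPSEG.USUARIO U
            LEFT JOIN PPSEG.USUARIO_ROL UR ON UR.ID_USUARIO = U.ID
            LEFT JOIN PPSEG.ROL R ON R.ID = UR.ID_ROL
            WHERE U.USERNAME = I_USERNAME;

        -- INNER JOINs on purpose: with LEFT JOINs a user without any permission
        -- produced one row of (NULL, NULL), and a NULL permission name cannot be
        -- turned into an authority by the caller.
        OPEN O_RESULT_DET FOR
            SELECT
                P.ID,
                P.NOMBRE
            FROM PPSEG.USUARIO U
            INNER JOIN PPSEG.USUARIO_ROL UR ON UR.ID_USUARIO = U.ID
            INNER JOIN PPSEG.ROL R ON R.ID = UR.ID_ROL
            INNER JOIN PPSEG.ROL_PERMISO RP ON RP.ID_ROL = R.ID
            INNER JOIN PPSEG.PERMISO P ON P.ID = RP.ID_PERMISO
            WHERE U.USERNAME = I_USERNAME;

        O_CODIGO := SQLCODE;
        O_MENSAJE := SQLERRM;
    EXCEPTION
        WHEN OTHERS THEN
            -- No ROLLBACK here: this procedure performs no DML, and rolling back
            -- would discard uncommitted work of whoever called it.
            O_CODIGO := SQLCODE;
            O_MENSAJE := SQLERRM;
    END SP_PP_BUSCAR_USUARIO;

END PCK_PP_AUTENTICACION;
/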

INICIAR UN PROYECTO EN SPRING
Creación del proyecto en SPRING



Archivo pom.xml

<project xmlns="http://maven.apache.org/POM/4.0.0"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
       <modelVersion>4.0.0</modelVersion>
       <artifactId>panaderia-oauth2</artifactId>
       <packaging>war</packaging>
       <name>panaderia-oauth2</name>
       <description>Seguridad aplicacion panaderia</description>

       <parent>
             <groupId>com.besoft</groupId>
             <artifactId>panaderia-app</artifactId>
             <version>1.0</version>
       </parent>

       <properties>
             <start-class>com.besoft.panaderia.PanaderiaOauth2Application</start-class>
             <java.version>1.8</java.version>
       </properties>

       <dependencies>
             <!-- springframework.boot global config -->
             <dependency>
                    <groupId>org.springframework.boot</groupId>
                    <artifactId>spring-boot-starter</artifactId>
             </dependency>
             <!-- springframework.boot dependencies -->
             <dependency>
                    <groupId>org.springframework.boot</groupId>
                    <artifactId>spring-boot-starter-data-jpa</artifactId>
             </dependency>
             <dependency>
                    <groupId>org.springframework.boot</groupId>
                    <artifactId>spring-boot-starter-web</artifactId>
             </dependency>
             <dependency>
                    <groupId>org.springframework.boot</groupId>
                    <artifactId>spring-boot-starter-test</artifactId>
                    <scope>test</scope>
                    <exclusions>
                           <exclusion>
                                  <groupId>org.junit.vintage</groupId>
                                  <artifactId>junit-vintage-engine</artifactId>
                           </exclusion>
                    </exclusions>
             </dependency>
             <!-- Spring Security dependencies -->
             <!-- NOTE(review): spring-security-oauth2 is pinned to 2.3.4.RELEASE, and the
                  Spring Security OAuth project has been declared end-of-life by its
                  maintainers. Check this pin against the project's published security
                  advisories and plan a migration before reusing this build. -->
             <dependency>
                    <groupId>org.springframework.security.oauth</groupId>
                    <artifactId>spring-security-oauth2</artifactId>
                    <version>2.3.4.RELEASE</version>
             </dependency>
             <!-- NOTE(review): spring-security-jwt belongs to the same legacy OAuth
                  stack and is pinned by hand as well; review it together with the
                  dependency above. -->
             <dependency>
                    <groupId>org.springframework.security</groupId>
                    <artifactId>spring-security-jwt</artifactId>
                    <version>1.1.0.RELEASE</version>
             </dependency>
             <!-- Oracle JDBC driver -->
             <!-- NOTE(review): hand-pinned driver version; confirm it is still a
                  supported release for the target database before deployment. -->
             <dependency>
                    <groupId>com.oracle</groupId>
                    <artifactId>ojdbc6</artifactId>
                    <version>11.2.0.3</version>
             </dependency>
             <!-- the implementation will be provided by Wildfly / JBoss -->
             <dependency>
                    <groupId>javax.servlet</groupId>
                    <artifactId>javax.servlet-api</artifactId>
                    <scope>provided</scope>
             </dependency>
       </dependencies>

       <build>
             <finalName>panaderia-oauth2</finalName>
             <resources>
                    <resource>
                           <directory>src/main/resources</directory>
                           <filtering>true</filtering>
                    </resource>
             </resources>
             <plugins>
                    <plugin>
                           <groupId>org.springframework.boot</groupId>
                           <artifactId>spring-boot-maven-plugin</artifactId>
                           <configuration>
                                  <addResources>true</addResources>
                           </configuration>
                    </plugin>
             </plugins>
       </build>

       <profiles>
             <profile>
                    <id>dev</id>
                    <properties>
                           <spring.profiles.active>dev</spring.profiles.active>
                           <logging.level>INFO</logging.level>
                    </properties>
                    <activation>
                           <activeByDefault>true</activeByDefault>
                    </activation>
                    <dependencies>
                           <dependency>
                                  <groupId>org.springframework.boot</groupId>
                                  <artifactId>spring-boot-starter-web</artifactId>
                           </dependency>
                    </dependencies>
             </profile>
             <profile>
                    <id>qa</id>
                    <properties>
                           <spring.profiles.active>qa</spring.profiles.active>
                           <logging.level>INFO</logging.level>
                    </properties>
                    <dependencies>
                           <dependency>
                                  <groupId>org.springframework.boot</groupId>
                                  <artifactId>spring-boot-starter-web</artifactId>
                                  <exclusions>
                                        <exclusion>
                                               <groupId>org.springframework.boot</groupId>
                                               <artifactId>spring-boot-starter-tomcat</artifactId>
                                        </exclusion>
                                  </exclusions>
                           </dependency>
                    </dependencies>
             </profile>
       </profiles>
</project>

HABILITAR EL SERVIDOR DE AUTORIZACION

package com.besoft.panaderia;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;

/**
 * Spring Boot entry point. {@code @EnableAuthorizationServer} turns this
 * application into an OAuth2 authorization server.
 */
@SpringBootApplication
@EnableAuthorizationServer
public class PanaderiaOauth2Application {

    private static final Logger LOGGER = LoggerFactory.getLogger(PanaderiaOauth2Application.class);

    /**
     * Logs a start banner and hands control to Spring Boot.
     *
     * @param args command-line arguments, passed through unchanged
     */
    public static void main(final String[] args) {
        LOGGER.info("---------Start class Application---------");
        SpringApplication.run(PanaderiaOauth2Application.class, args);
    }
}

GENERAR LA LLAVE PRIVADA Y PUBLICA CON “OPENSSL”
Para esto primero se debe instalar la aplicación desde:

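Ingresamos a la consola y ejecutamos lo siguiente. La llave privada que se imprime es la que firma los tokens: la que aparece aquí es solo de ejemplo, y cada instalación debe generar la suya y no publicarla: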
C:\Program Files (x86)\GnuWin32\bin>openssl genrsa -out jwt.pem 2048
C:\Program Files (x86)\GnuWin32\bin>openssl rsa -in jwt.pem
writing RSA key
-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----

C:\Program Files (x86)\GnuWin32\bin>openssl rsa -in jwt.pem -pubout
writing RSA key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74dddBgzojGAODlMGx0m
WXIpusTHcY5n3Y7xrPAVdgNsl9CTiZTpxtPHXmOtV+5Kx58q7P+2PsrFZUoGAr4a
FzeGIdnE1A2ZtZTknvY4VEvFkWOQyQfm3nIPCQtv6EZv6AFinQyicr7jjapbgb4J
jldN+cABbb3eh6lvJP/twwAlrCiuVKfw36Ms9SP3j6duAoI7AaDFY247UYh7ngoG
JFV6xkaRzgiBW9OlUpwETCFiZwYtGvPNngHTEWjV2IL1QyZdv+aKbloi+HsvLYRN
rhzRaG/3A19NXBntGtdKLqH5PClj7g1YyTaQVyujVREU8zWzXcmmnzJ29RshDRrs
XQIDAQAB
-----END PUBLIC KEY-----




AGREGAR LAS PROPIEDADES DE CONEXIÓN EN EL ARCHIVO APPLICATION.YML

# Shared settings for every profile.
# The active profile is an @...@ token, presumably substituted by Maven
# resource filtering at build time (the pom enables <filtering>true</filtering>).
spring:
  profiles:
    active: '@spring.profiles.active@'
config:
  oauth2:
    # NOTE(review): the token-signing private key and the client secret sit here
    # in clear text, so everyone with access to the repository or the packaged
    # WAR can mint valid tokens. Load them from outside the artifact (environment,
    # container configuration or a secrets store) and rotate the values shown here.
    privateKey: -----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----
    publicKey: -----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74dddBgzojGAODlMGx0mWXIpusTHcY5n3Y7xrPAVdgNsl9CTiZTpxtPHXmOtV+5Kx58q7P+2PsrFZUoGAr4aFzeGIdnE1A2ZtZTknvY4VEvFkWOQyQfm3nIPCQtv6EZv6AFinQyicr7jjapbgb4JjldN+cABbb3eh6lvJP/twwAlrCiuVKfw36Ms9SP3j6duAoI7AaDFY247UYh7ngoGJFV6xkaRzgiBW9OlUpwETCFiZwYtGvPNngHTEWjV2IL1QyZdv+aKbloi+HsvLYRNrhzRaG/3A19NXBntGtdKLqH5PClj7g1YyTaQVyujVREU8zWzXcmmnzJ29RshDRrsXQIDAQAB-----END PUBLIC KEY-----
    clientId: ppseg
    clientSecret: ppseg@2020
    # Access-token lifetime in seconds (3600 = 1 hour).
    expiration: 3600
---
# "dev" profile: embedded server on port 8080 and a direct JDBC connection.
server:
  port: 8080
  servlet:
    context-path: /panaderia-oauth2
spring:
  profiles: dev   
  application:
    name: panaderia-oauth2
  datasource:
    driverClassName: oracle.jdbc.driver.OracleDriver
    url: "jdbc:oracle:thin:@localhost:1521:orcl"
    # NOTE(review): database password committed in clear text, and a trivial one.
    # Keep it to a local development database and supply real credentials from
    # outside the repository.
    password: "1234"
    username: "ppseg"
    testOnBorrow: true
    testWhileIdle: true
    timeBetweenEvictionRunsMillis: 60000
    minEvictableIdleTimeMillis: 30000
    validationQuery: SELECT 1 FROM DUAL
    max-active: 15
    max-idle: 10
    max-wait: 8000
    hikari:
      maximum-pool-size: 5
      connection-timeout: 60000
---
# "qa" profile: the datasource is looked up through JNDI, so no database
# credentials are stored in this file for that environment.
spring:
  profiles: qa   
  application:
    name: panaderia-oauth2
  datasource:
    jndi-name: java:/ppsegNoXADS
    testOnBorrow: true
    testWhileIdle: true
    timeBetweenEvictionRunsMillis: 60000
    minEvictableIdleTimeMillis: 30000
    validationQuery: SELECT 1 FROM DUAL
    max-active: 15
    max-idle: 10

    max-wait: 8000

CREAR LAS CLASES DE RESPUESTA DE LA BASE DE DATOS
Clase UsuarioResponse

package com.besoft.panaderia.dto.response;

import java.util.ArrayList;
import java.util.Collection;
import org.springframework.security.core.GrantedAuthority;

/**
 * Row returned by the user lookup: account columns, the user's role and the
 * authorities built from the user's permissions.
 * The {@code password} field carries the stored password value as read from
 * the database, so instances should not be logged or serialized to clients.
 */
public class UsuarioResponse {

    private Long id;
    private String nombre;
    private String apePaterno;
    private String apeMaterno;
    private String username;
    private String password;
    private String email;
    private String telefono;
    private Long idRol;
    private String nombreRol;
    // Starts as an empty list so callers never see null before authorities are set.
    private Collection<GrantedAuthority> grantedAuthoritiesList = new ArrayList<>();

    /** @return database id of the user */
    public Long getId() {
        return this.id;
    }

    /** @param id database id of the user */
    public void setId(final Long id) {
        this.id = id;
    }

    /** @return given name */
    public String getNombre() {
        return this.nombre;
    }

    /** @param nombre given name */
    public void setNombre(final String nombre) {
        this.nombre = nombre;
    }

    /** @return paternal surname */
    public String getApePaterno() {
        return this.apePaterno;
    }

    /** @param apePaterno paternal surname */
    public void setApePaterno(final String apePaterno) {
        this.apePaterno = apePaterno;
    }

    /** @return maternal surname */
    public String getApeMaterno() {
        return this.apeMaterno;
    }

    /** @param apeMaterno maternal surname */
    public void setApeMaterno(final String apeMaterno) {
        this.apeMaterno = apeMaterno;
    }

    /** @return login name */
    public String getUsername() {
        return this.username;
    }

    /** @param username login name */
    public void setUsername(final String username) {
        this.username = username;
    }

    /** @return stored password value */
    public String getPassword() {
        return this.password;
    }

    /** @param password stored password value */
    public void setPassword(final String password) {
        this.password = password;
    }

    /** @return e-mail address, may be null */
    public String getEmail() {
        return this.email;
    }

    /** @param email e-mail address */
    public void setEmail(final String email) {
        this.email = email;
    }

    /** @return phone number, may be null */
    public String getTelefono() {
        return this.telefono;
    }

    /** @param telefono phone number */
    public void setTelefono(final String telefono) {
        this.telefono = telefono;
    }

    /** @return id of the user's role */
    public Long getIdRol() {
        return this.idRol;
    }

    /** @param idRol id of the user's role */
    public void setIdRol(final Long idRol) {
        this.idRol = idRol;
    }

    /** @return name of the user's role */
    public String getNombreRol() {
        return this.nombreRol;
    }

    /** @param nombreRol name of the user's role */
    public void setNombreRol(final String nombreRol) {
        this.nombreRol = nombreRol;
    }

    /** @return authorities granted to the user */
    public Collection<GrantedAuthority> getGrantedAuthoritiesList() {
        return this.grantedAuthoritiesList;
    }

    /** @param grantedAuthoritiesList authorities granted to the user */
    public void setGrantedAuthoritiesList(final Collection<GrantedAuthority> grantedAuthoritiesList) {
        this.grantedAuthoritiesList = grantedAuthoritiesList;
    }
}


Clase PermisoResponse

package com.besoft.panaderia.dto.response;

/**
 * One permission row (id and name) returned by the user lookup.
 */
public class PermisoResponse {

    private Long id;
    private String nombre;

    /** @return permission id */
    public Long getId() {
        return this.id;
    }

    /** @param id permission id */
    public void setId(final Long id) {
        this.id = id;
    }

    /** @return permission name */
    public String getNombre() {
        return this.nombre;
    }

    /** @param nombre permission name */
    public void setNombre(final String nombre) {
        this.nombre = nombre;
    }
}

Clase OutResponse
package com.besoft.panaderia.dto.response;

/**
 * Generic envelope for a data-access result: a numeric code, a message and
 * an optional payload.
 *
 * @param <T> payload type
 */
public class OutResponse<T> {

    private Integer oCodigo;
    private String oMensaje;
    private T oResult;

    /** @return result code */
    public Integer getoCodigo() {
        return this.oCodigo;
    }

    /** @param oCodigo result code */
    public void setoCodigo(final Integer oCodigo) {
        this.oCodigo = oCodigo;
    }

    /** @return result message */
    public String getoMensaje() {
        return this.oMensaje;
    }

    /** @param oMensaje result message */
    public void setoMensaje(final String oMensaje) {
        this.oMensaje = oMensaje;
    }

    /** @return payload, may be null */
    public T getoResult() {
        return this.oResult;
    }

    /** @param oResult payload */
    public void setoResult(final T oResult) {
        this.oResult = oResult;
    }
}



CREAR CLASES MAPPER PARA MAPEO DE RESPONSE DE LA BD
Clase UsuarioMapper

package com.besoft.panaderia.dto.response.mapper;

import java.sql.ResultSet;
import java.sql.SQLException;
import org.springframework.jdbc.core.RowMapper;
import com.besoft.panaderia.dto.response.UsuarioResponse;

/**
 * Maps one row of the O_RESULT cursor to a {@link UsuarioResponse}.
 */
public class UsuarioMapper implements RowMapper<UsuarioResponse> {

    /**
     * @param rs     result set positioned on the row to read
     * @param rowNum row index (unused)
     * @return the populated response object
     * @throws SQLException if a column cannot be read
     */
    @Override
    public UsuarioResponse mapRow(ResultSet rs, int rowNum) throws SQLException {
        final UsuarioResponse usuario = new UsuarioResponse();

        // Account columns.
        usuario.setId(rs.getLong("ID"));
        usuario.setUsername(rs.getString("USERNAME"));
        usuario.setPassword(rs.getString("PASSWORD"));

        // Personal data.
        usuario.setNombre(rs.getString("NOMBRE"));
        usuario.setApePaterno(rs.getString("APE_PATERNO"));
        usuario.setApeMaterno(rs.getString("APE_MATERNO"));
        usuario.setEmail(rs.getString("EMAIL"));
        usuario.setTelefono(rs.getString("TELEFONO"));

        // Role columns. getLong yields 0 for SQL NULL, so a user without a
        // role ends up with idRol = 0 rather than null.
        usuario.setIdRol(rs.getLong("ID_ROL"));
        usuario.setNombreRol(rs.getString("NOMBRE_ROL"));

        return usuario;
    }
}

Clase PermisoResponseMapper

package com.besoft.panaderia.dto.response.mapper;

import java.sql.ResultSet;
import java.sql.SQLException;
import org.springframework.jdbc.core.RowMapper;
import com.besoft.panaderia.dto.response.PermisoResponse;

/**
 * Maps one row of the O_RESULT_DET cursor to a {@link PermisoResponse}.
 */
public class PermisoResponseMapper implements RowMapper<PermisoResponse> {

    /**
     * @param rs     result set positioned on the row to read
     * @param rowNum row index (unused)
     * @return the populated permission
     * @throws SQLException if a column cannot be read
     */
    @Override
    public PermisoResponse mapRow(ResultSet rs, int rowNum) throws SQLException {
        final PermisoResponse permiso = new PermisoResponse();
        final long permisoId = rs.getLong("ID");
        final String permisoNombre = rs.getString("NOMBRE");
        permiso.setId(permisoId);
        permiso.setNombre(permisoNombre);
        return permiso;
    }
}

CREAR CLASES DE ACCESO A DATOS (DAO)
Interface UsuarioDao

package com.besoft.panaderia.dao;

import com.besoft.panaderia.dto.response.OutResponse;
import com.besoft.panaderia.dto.response.UsuarioResponse;

/**
 * Data-access contract for user lookups.
 */
public interface UsuarioDao {

    /**
     * Searches a user by login name.
     *
     * @param username login name to look up
     * @return envelope with a result code, a message and the user when found
     */
    OutResponse<UsuarioResponse> buscarUsuario(String username);
}


Clase UsuarioDaoImpl

package com.besoft.panaderia.dao.impl;

import java.sql.Types;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;

import javax.sql.DataSource;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
import org.springframework.jdbc.core.simple.SimpleJdbcCall;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Repository;

import com.besoft.panaderia.dao.UsuarioDao;
import com.besoft.panaderia.dto.response.OutResponse;
import com.besoft.panaderia.dto.response.PermisoResponse;
import com.besoft.panaderia.dto.response.UsuarioResponse;
import com.besoft.panaderia.dto.response.mapper.PermisoResponseMapper;
import com.besoft.panaderia.dto.response.mapper.UsuarioMapper;

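/**
 * JDBC implementation of {@link UsuarioDao} backed by the stored procedure
 * PPSEG.PCK_PP_AUTENTICACION.SP_PP_BUSCAR_USUARIO.
 */
@Repository
public class UsuarioDaoImpl implements UsuarioDao {

    Logger log = LoggerFactory.getLogger(UsuarioDaoImpl.class);

    @Autowired
    DataSource dataSource;

    /**
     * Looks a user up by login name and attaches the authorities built from
     * the permission cursor.
     *
     * @param username login name; passed to the procedure as a bound parameter
     * @return envelope whose code is 0 and whose result is the user on success;
     *         a non-zero code and a null result when the procedure reports an
     *         error (its own code), the user does not exist (404) or the call
     *         fails (500)
     */
    @SuppressWarnings("unchecked")
    @Override
    public OutResponse<UsuarioResponse> buscarUsuario(String username) {
        OutResponse<UsuarioResponse> outResponse = new OutResponse<>();
        outResponse.setoResult(null);
        try {
            SimpleJdbcCall jdbcCall = new SimpleJdbcCall(dataSource).withSchemaName("PPSEG")
                    .withCatalogName("PCK_PP_AUTENTICACION").withProcedureName("SP_PP_BUSCAR_USUARIO")
                    .returningResultSet("O_RESULT", new UsuarioMapper())
                    .returningResultSet("O_RESULT_DET", new PermisoResponseMapper());

            MapSqlParameterSource in = new MapSqlParameterSource();
            in.addValue("I_USERNAME", username, Types.VARCHAR);

            Map<String, Object> out = jdbcCall.execute(in);

            Integer oCodigo = Integer.parseInt(out.get("O_CODIGO").toString());
            String oMensaje = out.get("O_MENSAJE").toString();
            outResponse.setoCodigo(oCodigo);
            outResponse.setoMensaje(oMensaje);

            if (oCodigo != 0) {
                // The procedure itself reported an error.
                return outResponse;
            }

            // A successful call with no rows means the user name is unknown;
            // report that explicitly instead of failing on get(0).
            List<UsuarioResponse> usuarios = (List<UsuarioResponse>) out.get("O_RESULT");
            if (usuarios == null || usuarios.isEmpty()) {
                outResponse.setoCodigo(404);
                outResponse.setoMensaje("Usuario no encontrado");
                return outResponse;
            }
            UsuarioResponse user = usuarios.get(0);

            List<PermisoResponse> listaPermiso = (List<PermisoResponse>) out.get("O_RESULT_DET");
            Collection<GrantedAuthority> authorities = new ArrayList<>();
            if (listaPermiso != null) {
                for (PermisoResponse p : listaPermiso) {
                    // The permission cursor is built with outer joins, so a user
                    // without permissions can yield a row with a NULL name;
                    // SimpleGrantedAuthority rejects empty names, so skip those.
                    String nombre = p.getNombre();
                    if (nombre != null && !nombre.trim().isEmpty()) {
                        authorities.add(new SimpleGrantedAuthority(nombre));
                    }
                }
            }
            user.setGrantedAuthoritiesList(authorities);

            outResponse.setoResult(user);
        } catch (Exception e) {
            outResponse.setoCodigo(500);
            outResponse.setoMensaje(e.getMessage());
            outResponse.setoResult(null);
            // A failed authentication lookup is an error, not routine information;
            // keep the stack trace in the log for diagnosis.
            log.error("[AUTENTICACION][DAO][EXCEPCION][" + e.getMessage() + "]", e);
        }
        return outResponse;
    }

}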

CREAR UN MODELO PARA RETORNO DE USUARIO
Crear clase CustomUser

package com.besoft.panaderia.dto;

import org.springframework.security.core.userdetails.User;
import com.besoft.panaderia.dto.response.UsuarioResponse;

/**
 * Spring Security principal enriched with the profile and role data of the
 * authenticated user. User name, password and authorities are handed to the
 * {@link User} superclass; the remaining columns are kept in this class.
 */
public class CustomUser extends User {

    private static final long serialVersionUID = 1L;

    private Long id;
    private String nombre;
    private String apePaterno;
    private String apeMaterno;
    private String email;
    private String telefono;
    private Long idRol;
    private String nombreRol;

    /**
     * Builds the principal from a database lookup result.
     *
     * @param user row returned by the user lookup
     */
    public CustomUser(UsuarioResponse user) {
        super(user.getUsername(), user.getPassword(), user.getGrantedAuthoritiesList());
        setId(user.getId());
        setNombre(user.getNombre());
        setApePaterno(user.getApePaterno());
        setApeMaterno(user.getApeMaterno());
        setEmail(user.getEmail());
        setTelefono(user.getTelefono());
        setIdRol(user.getIdRol());
        setNombreRol(user.getNombreRol());
    }

    /** @return database id of the user */
    public Long getId() {
        return this.id;
    }

    /** @param id database id of the user */
    public void setId(final Long id) {
        this.id = id;
    }

    /** @return given name */
    public String getNombre() {
        return this.nombre;
    }

    /** @param nombre given name */
    public void setNombre(final String nombre) {
        this.nombre = nombre;
    }

    /** @return paternal surname */
    public String getApePaterno() {
        return this.apePaterno;
    }

    /** @param apePaterno paternal surname */
    public void setApePaterno(final String apePaterno) {
        this.apePaterno = apePaterno;
    }

    /** @return maternal surname */
    public String getApeMaterno() {
        return this.apeMaterno;
    }

    /** @param apeMaterno maternal surname */
    public void setApeMaterno(final String apeMaterno) {
        this.apeMaterno = apeMaterno;
    }

    /** @return e-mail address, may be null */
    public String getEmail() {
        return this.email;
    }

    /** @param email e-mail address */
    public void setEmail(final String email) {
        this.email = email;
    }

    /** @return phone number, may be null */
    public String getTelefono() {
        return this.telefono;
    }

    /** @param telefono phone number */
    public void setTelefono(final String telefono) {
        this.telefono = telefono;
    }

    /** @return id of the user's role */
    public Long getIdRol() {
        return this.idRol;
    }

    /** @param idRol id of the user's role */
    public void setIdRol(final Long idRol) {
        this.idRol = idRol;
    }

    /** @return name of the user's role */
    public String getNombreRol() {
        return this.nombreRol;
    }

    /** @param nombreRol name of the user's role */
    public void setNombreRol(final String nombreRol) {
        this.nombreRol = nombreRol;
    }
}

CREAR CLASES DE LOGICA DE NEGOCIO (SERVICE)
Clase UsuarioService
package com.besoft.panaderia.service;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import com.besoft.panaderia.dao.UsuarioDao;
import com.besoft.panaderia.dto.CustomUser;
import com.besoft.panaderia.dto.response.OutResponse;
import com.besoft.panaderia.dto.response.UsuarioResponse;

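/**
 * {@link UserDetailsService} that loads users through {@link UsuarioDao}.
 */
@Service
public class UsuarioService implements UserDetailsService {

    @Autowired
    UsuarioDao usuarioDao;

    /**
     * Loads the principal for a login name.
     *
     * @param username login name supplied by the client
     * @return the user as a {@link CustomUser}
     * @throws UsernameNotFoundException when the lookup does not return code 0
     *         with a user, or when the lookup itself fails (the failure is
     *         attached as the cause)
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        final String notFound = "User " + username + " was not found in the database";
        try {
            OutResponse<UsuarioResponse> out = usuarioDao.buscarUsuario(username);
            // Guard the envelope, the code and the payload so a missing value is
            // reported as "not found" instead of surfacing as a NullPointerException.
            if (out != null && Integer.valueOf(0).equals(out.getoCodigo()) && out.getoResult() != null) {
                return new CustomUser(out.getoResult());
            }
        } catch (RuntimeException e) {
            // Keep the original failure as the cause instead of printing the stack
            // trace to stderr, where it bypasses the application's logging setup.
            throw new UsernameNotFoundException(notFound, e);
        }
        throw new UsernameNotFoundException(notFound);
    }
}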

CREAMOS LAS CLASES DE CONFIGURACION DE SEGURIDAD
Clase SecurityConfig
package com.besoft.panaderia.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import com.besoft.panaderia.service.UsuarioService;

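/**
 * Web security configuration: BCrypt password checks against
 * {@link UsuarioService}, every request authenticated, no HTTP session.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    UsuarioService usuarioService;

    /**
     * @return the encoder used both to verify user passwords and to encode secrets
     */
    @Bean
    public PasswordEncoder encoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Registers the user lookup service and the password encoder.
     *
     * @param auth authentication builder supplied by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    @Autowired
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(usuarioService).passwordEncoder(encoder());
    }

    /**
     * Requires authentication on every request, turns CSRF protection off and
     * keeps Spring Security away from HTTP sessions.
     *
     * @param http HTTP security builder
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            // CSRF protection is disabled; that is only sound while no request is
            // authenticated through a browser session cookie.
            .csrf().disable()
            .sessionManagement()
            // STATELESS, not NEVER: NEVER only stops Spring Security from creating a
            // session but still honours one that already exists, whereas the intent
            // here is token-only authentication with no session at all.
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }

    /**
     * Exposes the authentication manager as a bean so other configuration
     * classes can inject it.
     *
     * @return the authentication manager built by this configuration
     * @throws Exception if the manager cannot be created
     */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
}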

Clase CustomTokenEnhancer (Manipulador del token)

package com.besoft.panaderia.config;

import java.util.LinkedHashMap;
import java.util.Map;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

import com.besoft.panaderia.dto.CustomUser;

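/**
 * Adds profile and role claims of the authenticated {@link CustomUser} to the
 * access token before the parent converter turns it into a JWT.
 *
 * NOTE(review): the JWT produced by the parent class is signed, not encrypted,
 * so every claim added here (including e-mail and phone number) is readable by
 * anyone who holds the token. Keep the claim set to what the clients need.
 */
public class CustomTokenEnhancer extends JwtAccessTokenConverter {

    /**
     * @param accessToken    token to enrich
     * @param authentication authentication the token is issued for
     * @return the token produced by the parent converter, with the extra claims
     *         when the principal is a {@link CustomUser}
     */
    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
        Object principal = authentication.getPrincipal();
        if (!(principal instanceof CustomUser)) {
            // Any other principal type carries none of the profile data; issue the
            // token without the extra claims instead of failing on the cast.
            return super.enhance(accessToken, authentication);
        }
        CustomUser user = (CustomUser) principal;

        Map<String, Object> info = new LinkedHashMap<>(accessToken.getAdditionalInformation());
        info.put("id", user.getId() != null ? user.getId() : 0);
        info.put("nombre", user.getNombre() != null ? user.getNombre() : "");
        info.put("apePaterno", user.getApePaterno() != null ? user.getApePaterno() : "");
        info.put("apeMaterno", user.getApeMaterno() != null ? user.getApeMaterno() : "");
        info.put("email", user.getEmail() != null ? user.getEmail() : "");
        info.put("telefono", user.getTelefono() != null ? user.getTelefono() : "");
        // Defaults follow the claim type: numeric 0 for the role id, empty string
        // for the role name (the two fallbacks were previously swapped).
        info.put("idRol", user.getIdRol() != null ? user.getIdRol() : 0);
        info.put("nombreRol", user.getNombreRol() != null ? user.getNombreRol() : "");

        DefaultOAuth2AccessToken customAccessToken = new DefaultOAuth2AccessToken(accessToken);
        customAccessToken.setAdditionalInformation(info);
        return super.enhance(customAccessToken, authentication);
    }
}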

Clase OAuth2Config
package com.besoft.panaderia.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

/**
 * Authorization-server setup: one in-memory client, JWT access tokens, and the
 * access rules for the token-key and check-token endpoints.
 *
 * Review notes:
 * - The client is granted the "password" grant, so the client application handles the
 *   user's credentials directly; that grant is dropped in the OAuth 2.1 draft.
 * - The signing key comes from configuration properties; keep the private key out of
 *   version control and out of any artefact that is shared.
 */
@Configuration
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {

       /** Encoder applied to the client secret before it is registered. */
       @Autowired
       private PasswordEncoder encoder;

       /** Identifier of the single registered client. */
       @Value("${config.oauth2.clientId}")
       private String clientId;

       /** Clear-text client secret as read from configuration. */
       @Value("${config.oauth2.clientSecret}")
       private String clientSecret;

       /** Key used to sign issued JWTs. */
       @Value("${config.oauth2.privateKey}")
       private String privateKey;

       /** Key used to verify JWT signatures. */
       @Value("${config.oauth2.publicKey}")
       private String publicKey;

       /** Access-token lifetime in seconds. */
       @Value("${config.oauth2.expiration}")
       private Integer expiration;

       /** Authentication manager used to authenticate resource owners. */
       @Autowired
       @Qualifier("authenticationManagerBean")
       private AuthenticationManager authenticationManager;

       /**
        * Sets the access expressions for the token-key and check-token endpoints.
        */
       @Override
       public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
             // Anyone may fetch the verifier key. Appropriate only while that key is a
             // public key; a shared symmetric key must never be served this way.
             security.tokenKeyAccess("permitAll()");
             // Token introspection is limited to authenticated callers.
             security.checkTokenAccess("isAuthenticated()");
       }

       /**
        * Registers the single client in memory with its grants, scopes and token lifetimes.
        */
       @Override
       public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
             clients.inMemory()
                    .withClient(clientId)
                    .secret(encoder.encode(clientSecret))
                    .authorizedGrantTypes("password", "refresh_token")
                    .scopes("read", "write")
                    // Access-token lifetime in seconds (1 hour = 3600).
                    .accessTokenValiditySeconds(expiration)
                    // Refresh-token lifetime is fixed at 18000 seconds (5 hours).
                    .refreshTokenValiditySeconds(18000);
       }

       /**
        * Wires the authentication manager, the JWT token store and the JWT converter
        * into the token endpoints.
        */
       @Override
       public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
             endpoints.authenticationManager(authenticationManager);
             endpoints.tokenStore(tokenStore());
             endpoints.accessTokenConverter(tokenEnhancer());
       }

       /**
        * Token store backed by the JWT converter.
        */
       @Bean
       public JwtTokenStore tokenStore() {
             JwtAccessTokenConverter jwtConverter = tokenEnhancer();
             return new JwtTokenStore(jwtConverter);
       }

       /**
        * Builds the JWT converter (a CustomTokenEnhancer) and gives it the signing and
        * verifier keys read from configuration.
        */
       @Bean
       public JwtAccessTokenConverter tokenEnhancer() {
             JwtAccessTokenConverter jwtConverter = new CustomTokenEnhancer();
             jwtConverter.setSigningKey(privateKey);
             jwtConverter.setVerifierKey(publicKey);
             return jwtConverter;
       }
}

Clase CorsFilter (configura las cabeceras CORS; tal como está, acepta peticiones desde cualquier origen)

package com.besoft.panaderia.config;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;

/**
 * Servlet filter, ordered with the highest precedence, that writes CORS response
 * headers on every request and answers OPTIONS requests itself.
 *
 * Review notes:
 * - Access-Control-Allow-Origin is "*", so script running on any web origin may call
 *   these endpoints and read the responses, including requests that carry an
 *   "authorization" header. Outside local testing, restrict the value to the known
 *   front-end origins.
 * - OPTIONS requests are answered with 200 here and never reach the rest of the
 *   filter chain.
 */
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CorsFilter implements Filter {

       public CorsFilter() {
       }

       /** No initialisation is needed. */
       @Override
       public void init(FilterConfig filterConfig) {
       }

       /** Nothing to release. */
       @Override
       public void destroy() {
       }

       /**
        * Adds the CORS headers, then either ends an OPTIONS request with 200 or passes
        * the request on down the chain.
        *
        * @param req   incoming request, cast to HttpServletRequest
        * @param res   outgoing response, cast to HttpServletResponse
        * @param chain remaining filters
        */
       @Override
       public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
                    throws IOException, ServletException {
             HttpServletRequest httpRequest = (HttpServletRequest) req;
             HttpServletResponse httpResponse = (HttpServletResponse) res;

             // Wildcard origin: see the class comment before using this beyond local tests.
             httpResponse.setHeader("Access-Control-Allow-Origin", "*");
             httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
             httpResponse.setHeader("Access-Control-Allow-Headers", "x-requested-with, authorization, content-type");
             // Browsers may cache the preflight result for one hour.
             httpResponse.setHeader("Access-Control-Max-Age", "3600");

             boolean optionsRequest = "OPTIONS".equalsIgnoreCase(httpRequest.getMethod());
             if (optionsRequest) {
                    // Answer here; the rest of the chain is skipped.
                    httpResponse.setStatus(HttpServletResponse.SC_OK);
                    return;
             }
             chain.doFilter(req, res);
       }

}

PRUEBA POSTMAN

Consulta token
METHOD: POST
URL: localhost:8080/ppanaderia-seg/oauth/token

Authorization:


Body:

Response:

{
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZFJvbCI6MiwidXNlcl9uYW1lIjoiYWRtaW4iLCJub21icmVSb2wiOiJDQUpFUk8iLCJhcGVNYXRlcm5vIjoiREFOSUUiLCJub21icmUiOiJLSVRFIiwiYXV0aG9yaXRpZXMiOlsiUk9MRV9WRU5UQVMiXSwiY2xpZW50X2lkIjoicHBzZWciLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiXSwiaWQiOjIsImV4cCI6MTU5NDQwNzc1MywidGVsZWZvbm8iOiI5MjkxODE5NTQiLCJhcGVQYXRlcm5vIjoiREFOSUUiLCJqdGkiOiI3MmU4Njc3Yy02YzBmLTQ2YzUtOWE3Yy03ZTFhYTRjYmYyY2QiLCJlbWFpbCI6Ik5CQUVaMDAxQEdNQUlMLkNPTSJ9.1_7nyZe2xayoBYkPXxaHVc5PdnQt_zrs65NSoWHqs3rJwNSG1MYZzBIQqKbjQiI2oj6oWxXDxrwV0czQRRlPZFBYzLWREdqFiRNMMldVzjHL2u2BpSl_No2h469IFQCgmL7enyjaOMgu2oRm1Vd4AnQDGgc5rSsZd8zK30yesCxRairtoZQAGVkDcTCHjMVq2qcoYlLmXyLikVS_UCDjdx7HwGd5EioUyj45jyUZ7dXIh_a0h_qTPTIjOX-y15IgUZZp5ldUkCokZkz_ZrI1KHHko_ThRsPyF8M2RurLipOHMw5r2kNQdjlJHvaz9YL0eO53aViPWkZ6vDC2UAEmVw",
    "token_type": "bearer",
    "refresh_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZFJvbCI6MiwidXNlcl9uYW1lIjoiYWRtaW4iLCJub21icmVSb2wiOiJDQUpFUk8iLCJhcGVNYXRlcm5vIjoiREFOSUUiLCJub21icmUiOiJLSVRFIiwiYXV0aG9yaXRpZXMiOlsiUk9MRV9WRU5UQVMiXSwiY2xpZW50X2lkIjoicHBzZWciLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiXSwiYXRpIjoiNzJlODY3N2MtNmMwZi00NmM1LTlhN2MtN2UxYWE0Y2JmMmNkIiwiaWQiOjIsImV4cCI6MTU5NDQyMjE1MywidGVsZWZvbm8iOiI5MjkxODE5NTQiLCJhcGVQYXRlcm5vIjoiREFOSUUiLCJqdGkiOiIzNjY3ZTgxNy1jZjBiLTQzMGEtODVkOC03NmM4OGVlZmQ1ZWMiLCJlbWFpbCI6Ik5CQUVaMDAxQEdNQUlMLkNPTSJ9.0H65mrSn5vak6fIHi7OjiXAv9x_4bX9ZjUjjih7dvqAql7QPYXpPDVSeuohsJvierAue0HbIglaw47xbEXU2XY4UNtyeQeyelOLyqcHOleUtpK04JlSoRRcfniHMtwaotPy7pGS8LKafhpQtWgYUDd9j0Ial-eWO9bTLtYYm2QtalSR7vXpM-Qvrlmls4CzhG460KoF8GK3e6CEdO8iM8mvOiyXXboZ9nN7i4iz4rvFGDQ58cV2LwVn5KkeSxeMl73S0EYQ7HPuDywP3RSDLeN5NT-G42AA544woshF5w3W0cMgFiki1shKETA8gylkGM-OzeB3nOzEI4O4J1xbXZQ",
    "expires_in": 3599,
    "scope": "read write",
    "id": 2,
    "nombre": "KITE",
    "apePaterno": "DANIE",
    "apeMaterno": "DANIE",
    "email": "NBAEZ001@GMAIL.COM",
    "telefono": "929181954",
    "idRol": 2,
    "nombreRol": "CAJERO",
    "jti": "72e8677c-6c0f-46c5-9a7c-7e1aa4cbf2cd"
}
Consulta JQuery:


Refresh token
METHOD: POST

URL: localhost:8080/ppanaderia-seg/oauth/token

Authorization:


Body:


Response:

{
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZFJvbCI6MiwidXNlcl9uYW1lIjoiYWRtaW4iLCJub21icmVSb2wiOiJDQUpFUk8iLCJhcGVNYXRlcm5vIjoiREFOSUUiLCJub21icmUiOiJLSVRFIiwiYXV0aG9yaXRpZXMiOlsiUk9MRV9WRU5UQVMiXSwiY2xpZW50X2lkIjoicHBzZWciLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiXSwiaWQiOjIsImV4cCI6MTU5NDUzMDUwMCwidGVsZWZvbm8iOiI5MjkxODE5NTQiLCJhcGVQYXRlcm5vIjoiREFOSUUiLCJqdGkiOiJkY2EyN2QyMi0yMjFlLTRiMWQtYjZkZC0xMjZhMjMxOTI1MGYiLCJlbWFpbCI6Ik5CQUVaMDAxQEdNQUlMLkNPTSJ9.wM5ArRc2gyAxWc_fh09H_u0qLXAT371DYLMLVcsOFliUEVvfrZugYEifRGrENLVDPl98Hl_7FLXEXEyshyBPczJM4JPtPF9Tll1GjzoI_AgVgff-aPUPHzrCHS3dsg5c3GAD5lK5PXTWSSUcwiEbld9c_D4csxESNO-KbjJdJ-BW31IlLtgn2N-38rUvv5CoFtd6Vhk2P3PQXBhOaRUEjOjRmnLLLWUh4oIQGPZQtP2HrxOsjtBygJhfXSz9yJxts9pWMH0z6Qh62dMIumVLUi1NDK13VOJmawB6VyUA-AGrESXtBoCqT1SVro1ondD99qK7D7CIfxkngfv_DammWA",
    "token_type": "bearer",
    "refresh_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZFJvbCI6MiwidXNlcl9uYW1lIjoiYWRtaW4iLCJub21icmVSb2wiOiJDQUpFUk8iLCJhcGVNYXRlcm5vIjoiREFOSUUiLCJub21icmUiOiJLSVRFIiwiYXV0aG9yaXRpZXMiOlsiUk9MRV9WRU5UQVMiXSwiY2xpZW50X2lkIjoicHBzZWciLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiXSwiYXRpIjoiZGNhMjdkMjItMjIxZS00YjFkLWI2ZGQtMTI2YTIzMTkyNTBmIiwiaWQiOjIsImV4cCI6MTU5NDU0NDg4MCwidGVsZWZvbm8iOiI5MjkxODE5NTQiLCJhcGVQYXRlcm5vIjoiREFOSUUiLCJqdGkiOiJmNmIzNzVmNi1iZDZjLTRmMTEtYjI5ZC01MDRkNjJlY2FkODYiLCJlbWFpbCI6Ik5CQUVaMDAxQEdNQUlMLkNPTSJ9.r_2pRrGAJjxfMJ8ptFpmLMvcoJW_8C-985SirBXG_ZmvgAe9ZL5IYjDu6Eh7ICifeFLllIjEwWHwf16iEYKvj_64tknJ7empu1qaT-IB-94tWapM8QVd9fML_mmkwY6rkdJGxEoVEjAC9nJxtrNaS0ABS7HRT0zbYgXB4b-ZJeNt_R1fiB-Ne5leTFCOKlq2lE-OSLr98NsO6H-sU3ZIwtNlrtkY19ySt5FV0EkbvrRs4kAqPOpTFZUY5BpWBvHjBPQwJ5CdK8z2hwJtjIfBMFi-_BpnEwUJxNijD02LuR0l_jQzs_lnf9H94hraVMBFjG5T80E2LjoKoDlRVRU4sg",
    "expires_in": 3599,
    "scope": "read write",
    "id": 2,
    "nombre": "KITE",
    "apePaterno": "DANIE",
    "apeMaterno": "DANIE",
    "email": "NBAEZ001@GMAIL.COM",
    "telefono": "929181954",
    "idRol": 2,
    "nombreRol": "CAJERO",
    "jti": "dca27d22-221e-4b1d-b6dd-126a2319250f"

}

Consulta JQuery: