
Authorization

wfansh 6 months ago
parent
commit
fdf5189f32

+ 2 - 1
README.md

@@ -8,4 +8,5 @@ AdWeb V3 - Google, Meta等数据桥
 
 * Run `DataBridgeApplication` within the project to launch the service
 * [IMPORTANT] Check out the Swagger API docs at http://localhost:9002/swagger-ui/index.html
-  and http://localhost:9002/v3/api-docs
+  and http://localhost:9002/v3/api-docs
+* [NOTE] See `AuthInterceptor` class for the API authorization token.

+ 30 - 0
src/main/java/com/wechi/adweb/bridge/auth/AuthInterceptor.java

@@ -0,0 +1,30 @@
+package com.wechi.adweb.bridge.auth;
+
+import com.wechi.adweb.bridge.exception.UnauthorizedException;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+import org.springframework.http.HttpHeaders;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+/**
+ * @author wfansh
+ */
+public class AuthInterceptor implements HandlerInterceptor {
+
+    // The token is static and weak to reduce computational overhead.
+    private static final String STATIC_BEARER_TOKEN = "Bearer lgoXX9APqgPLGMPECiNoxaPx";
+
+    @Override
+    public boolean preHandle(
+            HttpServletRequest request, HttpServletResponse response, Object handler)
+            throws Exception {
+        String authToken = request.getHeader(HttpHeaders.AUTHORIZATION);
+        if (!STATIC_BEARER_TOKEN.equals(authToken)) {
+            throw new UnauthorizedException("Invalid auth token : " + authToken);
+        }
+
+        return true;
+    }
+}
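Review bot: `STATIC_BEARER_TOKEN` puts the only API credential in the repository, so anyone with read access to the source or its history holds a valid token, and the README change in this commit points readers straight to it. The value should come from deployment configuration (environment or a secret store), and the committed one should be treated as exposed and replaced. `String.equals` in `preHandle` also stops at the first differing character; `MessageDigest.isEqual` on the UTF-8 bytes compares in constant time. The sketch below passes the expected header value in through a constructor, which `SecurityConfig` would then have to supply.

```java
public class AuthInterceptor implements HandlerInterceptor {

    // Expected Authorization header value; provided by deployment configuration, never committed.
    private final byte[] expectedHeader;

    public AuthInterceptor(String expectedHeader) {
        this.expectedHeader = expectedHeader.getBytes(StandardCharsets.UTF_8);
    }

    // … unchanged: preHandle signature …
        String authToken = request.getHeader(HttpHeaders.AUTHORIZATION);
        boolean matches =
                authToken != null
                        && MessageDigest.isEqual(
                                expectedHeader, authToken.getBytes(StandardCharsets.UTF_8));
        if (!matches) {
    // … unchanged: throw UnauthorizedException, return true …
```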

+ 3 - 1
src/main/java/com/wechi/adweb/bridge/auth/SecurityConfig.java

@@ -10,9 +10,11 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 @Configuration
 public class SecurityConfig implements WebMvcConfigurer {
 
+    private AuthInterceptor authInterceptor = new AuthInterceptor();
+
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
-        registry.addInterceptor(new AuthorizationInterceptor())
+        registry.addInterceptor(authInterceptor)
                 .addPathPatterns("/api/**"); // Intercepts all paths under /api/
     }
 }
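Review bot: The new `authInterceptor` field is assigned once and never reassigned, so it should be declared `private final AuthInterceptor authInterceptor = new AuthInterceptor();`. The registration covers only `/api/**`, so any handler mapped outside that prefix is served without the token check. If that is intended for the Swagger endpoints the README lists, a comment such as `// Paths outside /api/ (e.g. Swagger UI) are deliberately unauthenticated` would record the decision. The imports of `SecurityConfig` lie outside the hunk.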

+ 0 - 1
src/main/java/com/wechi/adweb/bridge/auth/SwaggerConfig.java

@@ -13,7 +13,6 @@ import org.springframework.http.HttpHeaders;
 @SecurityScheme(
         name = SwaggerConfig.SECURITY_SCHEMA_NAME,
         type = SecuritySchemeType.HTTP,
-        bearerFormat = "JWT",
         scheme = "bearer")
 public class SwaggerConfig {
     public static final String SECURITY_SCHEMA_NAME = HttpHeaders.AUTHORIZATION;

+ 14 - 0
src/main/java/com/wechi/adweb/bridge/exception/ExceptionAdvice.java

@@ -35,6 +35,20 @@ public class ExceptionAdvice {
     }
 
     /**
+     * @return 401 UNAUTHORIZED
+     */
+    @ResponseBody
+    @ResponseStatus(HttpStatus.UNAUTHORIZED)
+    @ExceptionHandler(UnauthorizedException.class)
+    public OpenAPIResponse<?> handleAuthException(UnauthorizedException e) {
+        log.error(e.getMessage(), e);
+        return OpenAPIResponse.builder()
+                .status(APIStatus.UNAUTHORIZED)
+                .message(e.getMessage())
+                .build();
+    }
+
+    /**
      * @return 500 INTERNAL_SERVER_ERROR
      */
     @ResponseBody
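Review bot: `handleAuthException` writes `e.getMessage()` to the log and into the response body, and `AuthInterceptor` in this commit builds that message from the raw `Authorization` header. Whatever a caller sent, such as a mistyped copy of the real token or a credential meant for another service, therefore ends up in the application log and is echoed back. A fixed text on both sides avoids that: `log.warn("Rejected request with missing or invalid Authorization header");` and `.message("Unauthorized")`. Logging at `error` with the stack trace for every rejected request also lets unauthenticated clients grow the log at will, which is why `warn` without the throwable is suggested. The rest of `ExceptionAdvice` is outside the hunk.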

+ 14 - 0
src/main/java/com/wechi/adweb/bridge/exception/UnauthorizedException.java

@@ -0,0 +1,14 @@
+package com.wechi.adweb.bridge.exception;
+
+/**
+ * @author wfansh
+ */
+public class UnauthorizedException extends Exception {
+    public UnauthorizedException() {
+        super();
+    }
+
+    public UnauthorizedException(String message) {
+        super(message);
+    }
+}
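Review bot: The class Javadoc carries only an `@author` tag and does not say when the exception is raised or how it is handled. Something like `/** Thrown when a request's Authorization header is rejected; mapped to HTTP 401 by ExceptionAdvice. */` would document that for the next reader.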