7. Authorization and Authentication

29 Mar 20251 min read

1. Password Encoding Bean

Create a new package com.endlessuphill.regent.config. Inside, create SecurityConfig.kt:

// src/main/kotlin/com/example/regent/config/SecurityConfig.kt
package com.endlessuphill.regent.config
 
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
import org.springframework.security.crypto.password.PasswordEncoder
 
@Configuration
class SecurityConfig {
 
    @Bean
    fun passwordEncoder(): PasswordEncoder {
        return BCryptPasswordEncoder()
    }
 
    // We will add the SecurityWebFilterChain bean here later
}

2. Add JWT Dependencies

Open your build.gradle.kts file and add the following dependencies to the dependencies block:

dependencies {
    // ... other dependencies ...
 
    // JWT Support
    implementation("io.jsonwebtoken:jjwt-api:0.12.5") // Or latest 0.12.x
    runtimeOnly("io.jsonwebtoken:jjwt-impl:0.12.5")
    runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.12.5") // Use Jackson for JSON processing with JWT
 
    // ... other dependencies ...
}

3. JWT Configuration Properties

Define Properties: Add these lines to your src/main/resources/application.properties:

regent:
  jwt:
    secret: m67GoIKW84IihaI4/qsZlI5j06x3RkuHZtoyQbN6u0M=
    expiration: 3600000
    issuer: regent-platform
## @TODO This needs to be moved to a secure location

Create Properties Class: In the com.endlessuphill.regent.config package, create JwtProperties.kt:

// src/main/kotlin/com/endlessuphill/regent/config/JwtProperties.kt
package com.endlessuphill.regent.config
 
import org.springframework.boot.context.properties.ConfigurationProperties
import java.time.Duration
 
@ConfigurationProperties("regent.jwt")
data class JwtProperties(
    val secret: String,
    val expirationMs: Long,
    val issuer: String
) {
    val expiration: Duration
        get() = Duration.ofMillis(expirationMs)
}

Enable Configuration Properties: Add @EnableConfigurationProperties(JwtProperties::class) to your main application class or a configuration class. Let’s add it to SecurityConfig:

// src/main/kotlin/com/example/regent/config/SecurityConfig.kt
@EnableConfigurationProperties(JwtProperties::class) // Enable processing of JwtProperties

Next Step

Graph View

Backlinks