Description
Description:
The dependencies of some of the beans in the application context form a cycle:
┌─────┐
| securityConfig (field private org.springframework.security.core.userdetails.UserDetailsService com.demo.BasicAPICreation.config.SecurityConfig.userDetailsService)
↑ ↓
| productService (field org.springframework.security.authentication.AuthenticationManager com.demo.BasicAPICreation.service.ProductService.authenticationManager)
└─────┘
Action:
Relying upon circular references is discouraged and they are prohibited by default. Update your application to remove the dependency cycle between beans. As a last resort, it may be possible to break the cycle automatically by setting spring.main.allow-circular-references to true.
### Configuration Class
package com.demo.BasicAPICreation.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.CsrfConfigurer;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
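/**
 * Spring Security configuration for the API.
 *
 * <p>Declares the HTTP filter chain (stateless, HTTP Basic), a DAO-backed
 * {@link AuthenticationProvider} using BCrypt, and exposes the
 * {@link AuthenticationManager} as a bean.
 *
 * <p>The startup failure reported with this class is a bean cycle: this class
 * needs a {@link UserDetailsService} (implemented by {@code ProductService}),
 * while {@code ProductService} needs the {@link AuthenticationManager} that is
 * declared here. Setting {@code spring.main.allow-circular-references=true}
 * only hides that; the cycle has to be broken on the {@code ProductService}
 * side (lazy injection of the manager, or a separate {@code UserDetailsService}
 * bean that has no dependency on the manager).
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig {

    // One edge of the reported cycle: resolving this field forces creation of
    // the UserDetailsService bean before this configuration class is complete.
    @Autowired
    private UserDetailsService userDetailsService;

    /**
     * Builds the HTTP security filter chain.
     *
     * @param security the builder supplied by Spring Security
     * @return the configured filter chain
     * @throws Exception if the chain cannot be built
     */
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity security) throws Exception {
        return security
                // CSRF protection is switched off. That is only appropriate when no
                // browser client authenticates against this API; browsers can replay
                // cached HTTP Basic credentials on cross-site requests.
                .csrf(customizer -> customizer.disable())
                .authorizeHttpRequests(request -> request
                        // These two endpoints are reachable without credentials.
                        // NOTE(review): the patterns have no leading "/"; depending on
                        // the Spring Security version this is either normalised,
                        // never matches, or is rejected at startup. Confirm that
                        // the intended paths really are the only anonymous ones.
                        .requestMatchers("add-products","verify-product")
                        .permitAll()
                        // Everything else requires an authenticated caller.
                        .anyRequest().authenticated())
                // HTTP Basic sends the password on every request, so the API must
                // only be served over TLS.
                .httpBasic(Customizer.withDefaults()).sessionManagement(session
                        -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                .build();
    }

    /**
     * Creates the provider that checks a submitted username/password against
     * the injected {@link UserDetailsService} using the BCrypt encoder below.
     *
     * @return the DAO authentication provider
     */
    @Bean
    public AuthenticationProvider authenticationProvider() {
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        provider.setPasswordEncoder(passwordEncoder());
        provider.setUserDetailsService(userDetailsService);
        return provider;
    }

    /**
     * Password encoder used to verify stored hashes.
     *
     * @return a BCrypt encoder with strength (log rounds) 12
     */
    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder(12);
    }

    /**
     * Exposes the application's {@link AuthenticationManager} as a bean so that
     * other components can authenticate credentials programmatically.
     *
     * @param authenticationConfiguration Spring Security's authentication configuration
     * @return the authentication manager obtained from that configuration
     * @throws Exception if the manager cannot be obtained
     */
    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
        return authenticationConfiguration.getAuthenticationManager();
    }
}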
### Service Class
package com.demo.BasicAPICreation.service;
import com.demo.BasicAPICreation.modal.Product;
import com.demo.BasicAPICreation.modal.ProductPrincipal;
import com.demo.BasicAPICreation.repo.ProductRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.List;
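/**
 * Service for {@code Product} records that also acts as the application's
 * {@link UserDetailsService}.
 *
 * <p>Because this bean is the {@code UserDetailsService} required by
 * {@code SecurityConfig} and at the same time needs the
 * {@link AuthenticationManager} declared by {@code SecurityConfig}, eager
 * injection of the manager produces the reported bean cycle. The manager is
 * therefore injected lazily. The structural alternative is to move
 * {@link #loadUserByUsername(String)} into a separate bean that does not
 * depend on the manager.
 */
@Service
public class ProductService implements UserDetailsService {

    @Autowired
    ProductRepository productRepository;

    // Injected as a lazy proxy: the real AuthenticationManager is looked up on
    // first use, so creating this bean does not require SecurityConfig to be
    // complete. The fully-qualified annotation avoids touching the import block.
    @Autowired
    @org.springframework.context.annotation.Lazy
    AuthenticationManager authenticationManager;

    // Local encoder with the same strength (12) as SecurityConfig.passwordEncoder().
    // Injecting that bean here instead would add another dependency on
    // SecurityConfig, so keep the two strengths in sync by hand.
    private final BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(12);

    /**
     * Loads the account with the given username for Spring Security.
     *
     * @param username the username to look up
     * @return a {@code ProductPrincipal} wrapping the matching record
     * @throws UsernameNotFoundException if the repository returns no record
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        Product product = productRepository.findByUsername(username);
        if (product == null) {
            throw new UsernameNotFoundException("User Not Found");
        }
        return new ProductPrincipal(product);
    }

    /**
     * Returns every stored product.
     *
     * @return the non-empty list of products
     * @throws UsernameNotFoundException if the repository holds no products
     */
    public List<Product> getAllProducts() {
        // Query once: the original called findAll() twice, doubling the load and
        // allowing the returned list to differ from the one that was checked.
        List<Product> products = productRepository.findAll();
        if (products.isEmpty()) {
            throw new UsernameNotFoundException("Product Not Found");
        }
        // NOTE(review): Product carries the BCrypt password hash (see addProduct).
        // If a controller serialises these entities directly, the hashes reach
        // the client; confirm a DTO or @JsonIgnore is used.
        return products;
    }

    /**
     * Stores a new product after replacing its plain-text password with a
     * BCrypt hash.
     *
     * @param product the record to store; its password is overwritten with the hash
     * @return the value returned by the repository's {@code save}
     */
    public Product addProduct(Product product) {
        // Hash before persisting so the plain-text password is never stored.
        product.setPassword(encoder.encode(product.getPassword()));
        return productRepository.save(product);
    }

    /**
     * Raises the price of the product with the given id by 1000 and saves it.
     *
     * @param id the product id
     * @return {@code true} when a matching product was updated
     * @throws UsernameNotFoundException if no product has that id
     */
    public boolean updateProduct(int id) {
        // NOTE(review): this scans every row; a repository lookup by id would
        // avoid loading the whole table, if the repository offers one.
        for (Product product : productRepository.findAll()) {
            if (product.getId() == id) {
                product.setPrice(product.getPrice() + 1000);
                productRepository.save(product);
                return true;
            }
        }
        throw new UsernameNotFoundException("Product Not Found");
    }

    /**
     * Deletes the product with the given id.
     *
     * @param id the product id
     * @return {@code true} when a matching product was deleted
     * @throws UsernameNotFoundException if no product has that id
     */
    public boolean deleteProduct(int id) {
        for (Product product : productRepository.findAll()) {
            if (product.getId() == id) {
                productRepository.delete(product);
                return true;
            }
        }
        throw new UsernameNotFoundException("Product Not Found");
    }

    /**
     * Authenticates the username and password carried by the given product
     * through the {@link AuthenticationManager}.
     *
     * @param product carrier of the username and plain-text password to check
     * @return a confirmation message when authentication succeeds
     * @throws AuthenticationException if the manager rejects the credentials,
     *         or if the returned token is not marked authenticated
     */
    public String verifyProduct(Product product) throws AuthenticationException {
        Authentication authentication =
                authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(product.getUsername(), product.getPassword()));
        if (authentication.isAuthenticated()) {
            return "Product Is Verified...";
        }
        throw new UsernameNotFoundException("Product Not Found");
    }
}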