Moved contents from ./Backend/src/ to ./src/

src/main/java/com/skycrate/backend/skycrateBackend/config/ApplicationConfiguration.java

@@ -0,0 +1,55 @@
+package com.skycrate.backend.skycrateBackend.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import com.skycrate.backend.skycrateBackend.repository.UserRepository;
+
+ // Application-wide security configuration.
+ // Configures user authentication, password encoding, and authentication provider.
+@Configuration
+public class ApplicationConfiguration {
+
+    private final UserRepository userRepository;
+
+    public ApplicationConfiguration(UserRepository userRepository) {
+        this.userRepository = userRepository;
+    }
+
+     // Custom UserDetailsService to fetch user details by email.
+    @Bean
+    public UserDetailsService userDetailsService() {
+        return username -> userRepository.findByEmail(username)
+                .orElseThrow(() -> new UsernameNotFoundException("User not found with email: " + username));
+    }
+
+     // BCrypt password encoder with a higher strength for better security.
+     // Cost factor 12 is considered a good balance for production use.
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder(12);
+    }
+
+     // AuthenticationProvider using DAO with custom user service and password encoder.
+    @Bean
+    public AuthenticationProvider authenticationProvider() {
+        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
+        authProvider.setUserDetailsService(userDetailsService());
+        authProvider.setPasswordEncoder(passwordEncoder());
+        return authProvider;
+    }
+
+     // Provides the AuthenticationManager for authenticating credentials.
+    @Bean
+    public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception {
+        return config.getAuthenticationManager();
+    }
+}

src/main/java/com/skycrate/backend/skycrateBackend/config/HDFSConfig.java

@@ -0,0 +1,39 @@
+package com.skycrate.backend.skycrateBackend.config;
+
+import org.apache.hadoop.conf.Configuration; // Hadoop Configuration
+import org.apache.hadoop.fs.FileSystem;
+import org.apache.hadoop.security.UserGroupInformation;
+import org.springframework.context.annotation.Bean;
+
+import java.net.URI;
+import java.security.PrivilegedExceptionAction;
+
+@org.springframework.context.annotation.Configuration
+public class HDFSConfig {
+
+    private static final String HDFS_URI = System.getenv("HDFS_URI"); // e.g., hdfs://namenode:9000
+    private static final String HDFS_USER = System.getenv("HDFS_USER"); // e.g., hdfsuser
+
+    @Bean
+    public FileSystem fileSystem() throws Exception {
+        return getHDFS();
+    }
+
+    public static FileSystem getHDFS() throws Exception {
+        if (HDFS_URI == null || HDFS_URI.isBlank()) {
+            throw new IllegalStateException("HDFS_URI environment variable not set.");
+        }
+
+        Configuration conf = new Configuration();
+        conf.set("fs.defaultFS", HDFS_URI);
+
+        if (HDFS_USER != null && !HDFS_USER.isBlank()) {
+            return UserGroupInformation.createRemoteUser(HDFS_USER)
+                    .doAs((PrivilegedExceptionAction<FileSystem>) () ->
+                            FileSystem.get(new URI(HDFS_URI), conf)
+                    );
+        } else {
+            return FileSystem.get(new URI(HDFS_URI), conf);
+        }
+    }
+}

src/main/java/com/skycrate/backend/skycrateBackend/config/HttpToHttpsRedirectConfig.java

@@ -0,0 +1,23 @@
+package com.skycrate.backend.skycrateBackend.config;
+
+import org.apache.catalina.connector.Connector;
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+import org.springframework.boot.web.server.WebServerFactoryCustomizer;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class HttpToHttpsRedirectConfig {
+
+    @Bean
+    public WebServerFactoryCustomizer<TomcatServletWebServerFactory> containerCustomizer() {
+        return factory -> {
+            Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
+            connector.setScheme("http");
+            connector.setPort(8085); // HTTP port
+            connector.setSecure(false);
+            connector.setRedirectPort(8443); // HTTPS port
+            factory.addAdditionalTomcatConnectors(connector);
+        };
+    }
+}

src/main/java/com/skycrate/backend/skycrateBackend/config/SecurityConfig.java

@@ -0,0 +1,52 @@
+package com.skycrate.backend.skycrateBackend.config;
+
+import com.skycrate.backend.skycrateBackend.security.JwtAuthenticationFilter;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+@Configuration
+public class SecurityConfig {
+
+    private final AuthenticationProvider authenticationProvider;
+    private final JwtAuthenticationFilter jwtAuthenticationFilter;
+
+    public SecurityConfig(AuthenticationProvider authenticationProvider,
+                          JwtAuthenticationFilter jwtAuthenticationFilter) {
+        this.authenticationProvider = authenticationProvider;
+        this.jwtAuthenticationFilter = jwtAuthenticationFilter;
+    }
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(csrf -> csrf.disable())
+                .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+                .authenticationProvider(authenticationProvider)
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers("/api/auth/login", "/api/auth/register", "/actuator/**").permitAll()
+                        .requestMatchers(HttpMethod.GET, "/public/**").permitAll()
+                        .anyRequest().authenticated()
+                )
+                .requiresChannel(channel -> channel
+                        .anyRequest().requiresSecure()
+                )
+                .headers(headers -> headers
+                        .httpStrictTransportSecurity(hsts -> hsts
+                                .includeSubDomains(true)
+                                .maxAgeInSeconds(31536000)
+                        )
+                        // Spring Security 6+ no longer supports xss.block(true), so we just enable or disable it.
+                        .xssProtection(xss -> xss.disable())
+                        .frameOptions(frame -> frame.deny())
+                )
+                .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+
+        return http.build();
+    }
+}