From 0a45ab9ff2244b903a430dd0552061fa5b1f036c Mon Sep 17 00:00:00 2001
From: "educharrone@hotmail.com" <educharrone@hotmail.com>
Date: Wed, 6 Oct 2021 15:26:55 -0300
Subject: [PATCH] Final

---
 .../devsuperior/bds03/config/AppConfig.java   |  36 +++++
 .../config/AuthorizationServerConfig.java     |  72 +++++++++
 .../bds03/config/ResourceServerConfig.java    |  55 +++++++
 .../bds03/config/SecurityConfig.java          |  16 --
 .../bds03/config/WebSecurityConfig.java       |  44 ++++++
 .../bds03/controllers/EmployeeController.java |   2 +-
 .../controllers/exceptions/FieldMessage.java  |  37 +++++
 .../exceptions/ResourceExceptionHandler.java  |  36 +++++
 .../controllers/exceptions/StandardError.java |  73 +++++++++
 .../exceptions/ValidationError.java           |  22 +++
 .../devsuperior/bds03/dto/EmployeeDTO.java    |   9 ++
 .../com/devsuperior/bds03/entities/Role.java  |  74 +++++++++
 .../com/devsuperior/bds03/entities/User.java  | 146 ++++++++++++++++++
 .../bds03/repositories/UserRepository.java    |  11 ++
 .../bds03/services/UserService.java           |  37 +++++
 src/main/resources/application.properties     |   8 +-
 src/main/resources/data.sql                   |  13 ++
 17 files changed, 673 insertions(+), 18 deletions(-)
 create mode 100644 src/main/java/com/devsuperior/bds03/config/AppConfig.java
 create mode 100644 src/main/java/com/devsuperior/bds03/config/AuthorizationServerConfig.java
 create mode 100644 src/main/java/com/devsuperior/bds03/config/ResourceServerConfig.java
 delete mode 100644 src/main/java/com/devsuperior/bds03/config/SecurityConfig.java
 create mode 100644 src/main/java/com/devsuperior/bds03/config/WebSecurityConfig.java
 create mode 100644 src/main/java/com/devsuperior/bds03/controllers/exceptions/FieldMessage.java
 create mode 100644 src/main/java/com/devsuperior/bds03/controllers/exceptions/ResourceExceptionHandler.java
 create mode 100644 src/main/java/com/devsuperior/bds03/controllers/exceptions/StandardError.java
 create mode 100644 src/main/java/com/devsuperior/bds03/controllers/exceptions/ValidationError.java
 create mode 100644 src/main/java/com/devsuperior/bds03/entities/Role.java
 create mode 100644 src/main/java/com/devsuperior/bds03/entities/User.java
 create mode 100644 src/main/java/com/devsuperior/bds03/repositories/UserRepository.java
 create mode 100644 src/main/java/com/devsuperior/bds03/services/UserService.java

diff --git a/src/main/java/com/devsuperior/bds03/config/AppConfig.java b/src/main/java/com/devsuperior/bds03/config/AppConfig.java
new file mode 100644
index 00000000..6bb39f64
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/config/AppConfig.java
@@ -0,0 +1,36 @@
+package com.devsuperior.bds03.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
+
+@Configuration
+public class AppConfig {
+	
+	@Value("${jwt.secret}")
+	private String jwtSecret; 
+	
+	
+	
+	@Bean
+	public BCryptPasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+		
+	}
+	
+	@Bean
+	public JwtAccessTokenConverter accessTokenConverter() {
+		JwtAccessTokenConverter tokenConverter = new JwtAccessTokenConverter();
+		tokenConverter.setSigningKey(jwtSecret);
+		return tokenConverter;
+	}
+
+	@Bean
+	public JwtTokenStore tokenStore() {
+		return new JwtTokenStore(accessTokenConverter());
+	}
+
+}
diff --git a/src/main/java/com/devsuperior/bds03/config/AuthorizationServerConfig.java b/src/main/java/com/devsuperior/bds03/config/AuthorizationServerConfig.java
new file mode 100644
index 00000000..a74f00a8
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/config/AuthorizationServerConfig.java
@@ -0,0 +1,72 @@
+package com.devsuperior.bds03.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
+
+@Configuration
+@EnableAuthorizationServer
+public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
+
+	@Value("${security.oauth2.client.client-id}")
+	private String clientId;
+
+	@Value("${security.oauth2.client.client-secret}")
+	private String clientSecret;
+	
+	@Value("${jwt.duration}")	
+	private Integer jwtDuration;
+	
+	
+	
+	@Autowired
+	private BCryptPasswordEncoder passwordEncoder;
+	
+	@Autowired 
+	private JwtAccessTokenConverter accessTokenConverter;
+	
+	@Autowired
+	private JwtTokenStore tokenStore;
+	
+	@Autowired
+	private AuthenticationManager  authenticationManager;
+	
+	
+	@Override
+	public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
+		security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
+	}
+
+	@Override
+	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+
+		clients.inMemory()
+		.withClient(clientId)
+		.secret(passwordEncoder.encode(clientSecret))
+		.scopes("read","write")
+		.authorizedGrantTypes("password")
+		.accessTokenValiditySeconds(jwtDuration)
+		;
+		
+	}
+
+	@Override
+	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+	
+		
+		endpoints.authenticationManager(authenticationManager)
+		.tokenStore(tokenStore)
+		.accessTokenConverter(accessTokenConverter)
+		;
+	}
+
+}
diff --git a/src/main/java/com/devsuperior/bds03/config/ResourceServerConfig.java b/src/main/java/com/devsuperior/bds03/config/ResourceServerConfig.java
new file mode 100644
index 00000000..90bdd0f5
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/config/ResourceServerConfig.java
@@ -0,0 +1,55 @@
+package com.devsuperior.bds03.config;
+
+import java.util.Arrays;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.env.Environment;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
+
+
+
+@Configuration
+@EnableResourceServer
+public class ResourceServerConfig extends ResourceServerConfigurerAdapter{
+
+	
+	@Autowired
+	private Environment env;
+
+	
+	
+	@Autowired
+	private JwtTokenStore tokenStore; 
+	
+	private static final String[] PUBLIC = {"/oauth/token", "/h2-console/**"};
+	private static final String[] OPERATOR_GET = {"/departments/**","/employees/**"};
+	private static final String[] ADMIN = 	{"/users/**"};
+	@Override
+	public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+		resources.tokenStore(tokenStore);
+	}
+
+	@Override
+	public void configure(HttpSecurity http) throws Exception {
+
+		//H2
+		if (Arrays.asList(env.getActiveProfiles()).contains("test")) {
+			http.headers().frameOptions().disable();
+			
+		}	
+		
+		
+		
+		http.authorizeRequests()
+		.antMatchers(PUBLIC).permitAll()
+		.antMatchers(HttpMethod.GET,OPERATOR_GET).hasAnyRole("OPERATOR","ADMIN")
+		.anyRequest().hasAnyRole("ADMIN");
+	}
+
+}
diff --git a/src/main/java/com/devsuperior/bds03/config/SecurityConfig.java b/src/main/java/com/devsuperior/bds03/config/SecurityConfig.java
deleted file mode 100644
index 09a75cde..00000000
--- a/src/main/java/com/devsuperior/bds03/config/SecurityConfig.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package com.devsuperior.bds03.config;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.WebSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-
-@Configuration
-@EnableWebSecurity
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
-
-	@Override
-	public void configure(WebSecurity web) throws Exception {
-		web.ignoring().antMatchers("/**");
-	}
-}
diff --git a/src/main/java/com/devsuperior/bds03/config/WebSecurityConfig.java b/src/main/java/com/devsuperior/bds03/config/WebSecurityConfig.java
new file mode 100644
index 00000000..c3f4977b
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/config/WebSecurityConfig.java
@@ -0,0 +1,44 @@
+package com.devsuperior.bds03.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+	@Autowired
+	private BCryptPasswordEncoder passwordEncoder;
+
+	@Autowired
+	private UserDetailsService userDetailService;
+	
+	
+	@Override
+	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+		auth.userDetailsService(userDetailService).passwordEncoder(passwordEncoder);
+	}
+
+	@Override
+	public void configure(WebSecurity web) throws Exception {
+		web.ignoring().antMatchers("/actuator/**");
+	}
+
+	@Override
+	@Bean
+	protected AuthenticationManager authenticationManager() throws Exception {
+		// TODO Auto-generated method stub
+		return super.authenticationManager();
+	}
+	
+	
+}
diff --git a/src/main/java/com/devsuperior/bds03/controllers/EmployeeController.java b/src/main/java/com/devsuperior/bds03/controllers/EmployeeController.java
index 4969d1c4..2780d13f 100644
--- a/src/main/java/com/devsuperior/bds03/controllers/EmployeeController.java
+++ b/src/main/java/com/devsuperior/bds03/controllers/EmployeeController.java
@@ -35,7 +35,7 @@ public ResponseEntity<Page<EmployeeDTO>> findAll(Pageable pageable) {
 	}
 	
 	@PostMapping
-	public ResponseEntity<EmployeeDTO> insert(@RequestBody EmployeeDTO dto) {
+	public ResponseEntity<EmployeeDTO> insert(@Valid @RequestBody EmployeeDTO dto) {
 		dto = service.insert(dto);
 		URI uri = ServletUriComponentsBuilder.fromCurrentRequest().path("/{id}")
 				.buildAndExpand(dto.getId()).toUri();
diff --git a/src/main/java/com/devsuperior/bds03/controllers/exceptions/FieldMessage.java b/src/main/java/com/devsuperior/bds03/controllers/exceptions/FieldMessage.java
new file mode 100644
index 00000000..77238a5d
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/controllers/exceptions/FieldMessage.java
@@ -0,0 +1,37 @@
+package com.devsuperior.bds03.controllers.exceptions;
+
+import java.io.Serializable;
+
+public class FieldMessage implements Serializable{
+
+	private static final long serialVersionUID = 1L;
+
+	private String fieldName;
+	private String message;
+	
+	public FieldMessage() {}
+
+	public FieldMessage(String fieldName, String message) {
+		super();
+		this.fieldName = fieldName;
+		this.message = message;
+	}
+
+	public String getFieldName() {
+		return fieldName;
+	}
+
+	public void setFieldName(String fieldName) {
+		this.fieldName = fieldName;
+	}
+
+	public String getMessage() {
+		return message;
+	}
+
+	public void setMessage(String message) {
+		this.message = message;
+	}
+	
+	
+}
diff --git a/src/main/java/com/devsuperior/bds03/controllers/exceptions/ResourceExceptionHandler.java b/src/main/java/com/devsuperior/bds03/controllers/exceptions/ResourceExceptionHandler.java
new file mode 100644
index 00000000..787c850f
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/controllers/exceptions/ResourceExceptionHandler.java
@@ -0,0 +1,36 @@
+package com.devsuperior.bds03.controllers.exceptions;
+
+import java.time.Instant;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.validation.FieldError;
+import org.springframework.web.bind.MethodArgumentNotValidException;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+
+@ControllerAdvice
+public class ResourceExceptionHandler {
+
+	
+	@ExceptionHandler(MethodArgumentNotValidException.class)
+	public ResponseEntity<ValidationError> validation(MethodArgumentNotValidException e, HttpServletRequest request){
+		HttpStatus status = HttpStatus.UNPROCESSABLE_ENTITY;
+		ValidationError err = new ValidationError();
+		err.setTimestamp(Instant.now());
+		err.setStatus(status.value());
+		err.setError("Validation exception ");
+		err.setMessage(e.getMessage());
+		err.setPath(request.getRequestURI());
+		
+		for(FieldError f: e.getBindingResult().getFieldErrors()) {
+			err.addError(f.getField(), f.getDefaultMessage());
+		}
+		
+		return ResponseEntity.status(status).body(err);
+	}	
+	
+
+}
diff --git a/src/main/java/com/devsuperior/bds03/controllers/exceptions/StandardError.java b/src/main/java/com/devsuperior/bds03/controllers/exceptions/StandardError.java
new file mode 100644
index 00000000..06d9eb1c
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/controllers/exceptions/StandardError.java
@@ -0,0 +1,73 @@
+package com.devsuperior.bds03.controllers.exceptions;
+
+import java.io.Serializable;
+import java.time.Instant;
+
+public class StandardError implements Serializable {
+
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = 1L;
+	private Instant timestamp;
+	private Integer status;
+	private String error;
+    private String message;
+    private String path; 
+
+    
+    public StandardError() {}
+
+
+	public Instant getTimestamp() {
+		return timestamp;
+	}
+
+
+	public void setTimestamp(Instant timestamp) {
+		this.timestamp = timestamp;
+	}
+
+
+	public Integer getStatus() {
+		return status;
+	}
+
+
+	public void setStatus(Integer status) {
+		this.status = status;
+	}
+
+
+	public String getError() {
+		return error;
+	}
+
+
+	public void setError(String error) {
+		this.error = error;
+	}
+
+
+	public String getMessage() {
+		return message;
+	}
+
+
+	public void setMessage(String message) {
+		this.message = message;
+	}
+
+
+	public String getPath() {
+		return path;
+	}
+
+
+	public void setPath(String path) {
+		this.path = path;
+	}
+    
+    
+    
+}
diff --git a/src/main/java/com/devsuperior/bds03/controllers/exceptions/ValidationError.java b/src/main/java/com/devsuperior/bds03/controllers/exceptions/ValidationError.java
new file mode 100644
index 00000000..78c479f9
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/controllers/exceptions/ValidationError.java
@@ -0,0 +1,22 @@
+package com.devsuperior.bds03.controllers.exceptions;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class ValidationError extends StandardError{
+
+	private static final long serialVersionUID = 1L;
+	
+	private List<FieldMessage> errors = new ArrayList<>();
+
+	public List<FieldMessage> getErrors() {
+		return errors;
+	}
+	
+	public void addError(String fieldName, String message) {
+		
+		errors.add(new FieldMessage(fieldName, message));
+	}
+	
+
+}
diff --git a/src/main/java/com/devsuperior/bds03/dto/EmployeeDTO.java b/src/main/java/com/devsuperior/bds03/dto/EmployeeDTO.java
index 2402cfe3..169fedaa 100644
--- a/src/main/java/com/devsuperior/bds03/dto/EmployeeDTO.java
+++ b/src/main/java/com/devsuperior/bds03/dto/EmployeeDTO.java
@@ -2,14 +2,23 @@
 
 import java.io.Serializable;
 
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+
 import com.devsuperior.bds03.entities.Employee;
 
 public class EmployeeDTO implements Serializable {
 	private static final long serialVersionUID = 1L;
 	
 	private Long id;
+	@NotBlank(message="Campo requerido")
 	private String name;
+	
+	@Email(message="Email invalido")
 	private String email;
+	
+	@NotNull(message="Campo requerido")
 	private Long departmentId;
 	
 	public EmployeeDTO() {
diff --git a/src/main/java/com/devsuperior/bds03/entities/Role.java b/src/main/java/com/devsuperior/bds03/entities/Role.java
new file mode 100644
index 00000000..0799c9d2
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/entities/Role.java
@@ -0,0 +1,74 @@
+package com.devsuperior.bds03.entities;
+
+import java.io.Serializable;
+
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+@Entity
+@Table(name="tb_role")
+public class Role implements Serializable{
+
+	private static final long serialVersionUID = 1L;
+	@Id
+	@GeneratedValue(strategy = GenerationType.IDENTITY)	
+	private Long id;
+	private String authority;
+	
+	public Role() {}
+
+	public Role(Long id, String authority) {
+		super();
+		this.id = id;
+		this.authority = authority;
+	}
+
+	public Long getId() {
+		return id;
+	}
+
+	public void setId(Long id) {
+		this.id = id;
+	}
+
+	public String getAuthority() {
+		return authority;
+	}
+
+	public void setAuthority(String authority) {
+		this.authority = authority;
+	}
+
+	@Override
+	public int hashCode() {
+		final int prime = 31;
+		int result = 1;
+		result = prime * result + ((id == null) ? 0 : id.hashCode());
+		return result;
+	}
+
+	@Override
+	public boolean equals(Object obj) {
+		if (this == obj)
+			return true;
+		if (obj == null)
+			return false;
+		if (getClass() != obj.getClass())
+			return false;
+		Role other = (Role) obj;
+		if (id == null) {
+			if (other.id != null)
+				return false;
+		} else if (!id.equals(other.id))
+			return false;
+		return true;
+	}
+
+
+	
+	
+	
+}
diff --git a/src/main/java/com/devsuperior/bds03/entities/User.java b/src/main/java/com/devsuperior/bds03/entities/User.java
new file mode 100644
index 00000000..8ab808bb
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/entities/User.java
@@ -0,0 +1,146 @@
+package com.devsuperior.bds03.entities;
+
+import java.io.Serializable;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.JoinTable;
+import javax.persistence.ManyToMany;
+import javax.persistence.Table;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+@Entity
+@Table(name="tb_user")
+public class User implements UserDetails, Serializable{
+
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = 1L;
+	
+	@Id
+	@GeneratedValue(strategy = GenerationType.IDENTITY)
+	private Long id;
+	@Column(unique=true)
+	private String email;
+	private String password;
+	
+	@ManyToMany(fetch=FetchType.EAGER)
+	@JoinTable(name="tb_user_role",
+	    joinColumns = @JoinColumn(name="user_id"), 
+	    inverseJoinColumns = @JoinColumn(name="role_id"))
+	
+	private Set<Role> roles =  new HashSet<>();
+	public User() {}
+
+	public User(Long id,  String email, String password) {
+		super();
+		this.id = id;
+		this.email = email;
+		this.password = password;
+	}
+
+	public Long getId() {
+		return id;
+	}
+
+	public void setId(Long id) {
+		this.id = id;
+	}
+
+
+
+	public String getEmail() {
+		return email;
+	}
+
+	public void setEmail(String email) {
+		this.email = email;
+	}
+
+	public String getPassword() {
+		return password;
+	}
+
+	public void setPassword(String password) {
+		this.password = password;
+	}
+
+	
+	
+	public Set<Role> getRoles() {
+		return roles;
+	}
+
+	@Override
+	public int hashCode() {
+		final int prime = 31;
+		int result = 1;
+		result = prime * result + ((id == null) ? 0 : id.hashCode());
+		return result;
+	}
+
+	@Override
+	public boolean equals(Object obj) {
+		if (this == obj)
+			return true;
+		if (obj == null)
+			return false;
+		if (getClass() != obj.getClass())
+			return false;
+		User other = (User) obj;
+		if (id == null) {
+			if (other.id != null)
+				return false;
+		} else if (!id.equals(other.id))
+			return false;
+		return true;
+	}
+
+	@Override
+	public Collection<? extends GrantedAuthority> getAuthorities() {
+		return roles.stream().map(role -> new SimpleGrantedAuthority(role.getAuthority()))
+				.collect(Collectors.toList());
+	}
+
+	@Override
+	public String getUsername() {
+		return email;
+	}
+
+	@Override
+	public boolean isAccountNonExpired() {
+	
+		return true;
+	}
+
+	@Override
+	public boolean isAccountNonLocked() {
+		return true;
+	}
+
+	@Override
+	public boolean isCredentialsNonExpired() {
+		return true;
+	}
+
+	@Override
+	public boolean isEnabled() {
+		return true;
+	}
+	
+	
+	
+}
diff --git a/src/main/java/com/devsuperior/bds03/repositories/UserRepository.java b/src/main/java/com/devsuperior/bds03/repositories/UserRepository.java
new file mode 100644
index 00000000..d9229a12
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/repositories/UserRepository.java
@@ -0,0 +1,11 @@
+package com.devsuperior.bds03.repositories;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+
+import com.devsuperior.bds03.entities.User;
+
+public interface UserRepository extends JpaRepository<User, Long> {
+
+	User findByEmail(String email);
+	
+}
diff --git a/src/main/java/com/devsuperior/bds03/services/UserService.java b/src/main/java/com/devsuperior/bds03/services/UserService.java
new file mode 100644
index 00000000..56cee341
--- /dev/null
+++ b/src/main/java/com/devsuperior/bds03/services/UserService.java
@@ -0,0 +1,37 @@
+package com.devsuperior.bds03.services;
+
+
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import com.devsuperior.bds03.entities.User;
+import com.devsuperior.bds03.repositories.UserRepository;
+
+@Service
+public class UserService implements UserDetailsService{
+
+	private static Logger logger = LoggerFactory.getLogger(UserService.class);
+
+	@Autowired
+	private UserRepository repository;
+	
+	@Override
+	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+		
+		
+		User user = repository.findByEmail(username);
+		if(user==null) {
+			logger.error("User not found: " + username);
+			throw new UsernameNotFoundException("Email not found");
+		}
+		logger.info("User found: " + username);
+		return user;
+		
+	}
+}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index a7dcd8af..de5668d0 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,3 +1,9 @@
-spring.profiles.active=test
+spring.profiles.active=${APP_PROFILE:test}
 
 spring.jpa.open-in-view=false
+
+security.oauth2.client.client-id=${CLIENT_ID:myclientid}
+security.oauth2.client.client-secret=${CLIENT_SECRET:myclientsecret}
+
+jwt.secret=${JWT_SECRET:MY-JWT-SECRET}
+jwt.duration=${JWT_DURATION:86400}
\ No newline at end of file
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
index 08576c63..619db16b 100644
--- a/src/main/resources/data.sql
+++ b/src/main/resources/data.sql
@@ -1,3 +1,16 @@
+
+INSERT INTO tb_user (email, password) VALUES ('ana@gmail.com', '$2a$10$eACCYoNOHEqXve8aIWT8Nu3PkMXWBaOxJ9aORUYzfMQCbVBIhZ8tG');
+INSERT INTO tb_user ( email, password) VALUES ('bob@gmail.com', '$2a$10$eACCYoNOHEqXve8aIWT8Nu3PkMXWBaOxJ9aORUYzfMQCbVBIhZ8tG');
+
+INSERT INTO tb_role (authority) VALUES ('ROLE_OPERATOR');
+INSERT INTO tb_role (authority) VALUES ('ROLE_ADMIN');
+
+INSERT INTO tb_user_role (user_id, role_id) VALUES (1, 1);
+INSERT INTO tb_user_role (user_id, role_id) VALUES (2, 1);
+INSERT INTO tb_user_role (user_id, role_id) VALUES (2, 2);
+
+
+
 INSERT INTO tb_department(name) VALUES ('Sales');
 INSERT INTO tb_department(name) VALUES ('Management');
 INSERT INTO tb_department(name) VALUES ('Training');