Created August 30, 2014 15:11
package com.blabadi.sec.oauth.provider;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
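/**
 * Spring Security {@link AuthenticationProvider} that checks a user name and password against
 * the LoginService API and, on success, returns a token carrying the user's roles as
 * granted authorities.
 */
public class CustomAuthenticationProvider implements AuthenticationProvider {

    /** LoginService service bean */
    @Autowired
    LoginService loginSvc;

    /** Logger */
    private static final Logger logger = LoggerFactory.getLogger(CustomAuthenticationProvider.class);

    /**
     * Authenticates the supplied token against the LoginService API.
     *
     * @param auth the authentication request; its principal and credentials must both be strings
     * @return a populated token holding the user name, the credentials and the user's authorities
     * @throws AuthenticationException ({@link BadCredentialsException}) when the principal or
     *         credentials are missing or not strings, or when LoginService does not return a
     *         valid user id
     */
    @Override
    public Authentication authenticate(Authentication auth) throws AuthenticationException {
        // Log the token type only, so that whatever the token's toString() includes
        // (principal, request details) is not copied into debug logs.
        logger.debug("entered CustomAuthenticationProvider.authenticate() with arguments: {}",
                auth.getClass().getName());

        // Extract user name and password. A blind (String) cast would surface a malformed
        // request as ClassCastException instead of an authentication failure.
        Object principal = auth.getPrincipal();
        Object credentials = auth.getCredentials();
        if (!(principal instanceof String) || !(credentials instanceof String)) {
            logger.warn("authentication request rejected: principal or credentials missing or not a String");
            throw new BadCredentialsException("Invalid credentials");
        }
        String userName = (String) principal;
        String password = (String) credentials;

        // userName is supplied by the caller; the log layout should neutralise line breaks
        // so a crafted name cannot forge log entries.
        logger.debug("calling LoginService.login for user: {}", userName);
        String userId = loginSvc.login(userName, password);

        // Authentication succeeds only if LoginService reports the returned id as valid.
        if (!loginSvc.validateUserId(userId)) {
            logger.error("authentication failed against LoginService, invalid userId : {} , was returned", userId);
            // Same generic message for every failure so the response does not reveal
            // whether the user name or the password was wrong.
            throw new BadCredentialsException("Invalid credentials");
        }

        logger.info("user {} authentication with LoginService was successful, found userId : {}", userName, userId);
        logger.debug("getting user: {} roles from LoginService", userName);
        List<String> userRoles = loginSvc.getUserRoles(userId);
        logger.info("retrieved user roles from LoginService");

        // create GrantedAuthority collection from retrieved roles
        Collection<SimpleGrantedAuthority> authorities = fillUserAuthorities(userRoles);

        // The three-argument constructor marks the token as authenticated. It still carries
        // the raw password; NOTE(review): confirm the caller (e.g. ProviderManager with
        // credential erasure enabled) clears it after authentication.
        Authentication filledAuthentication =
                new UsernamePasswordAuthenticationToken(userName, password, authorities);
        logger.info("created fully populated authentication object for user {} with {} authorities",
                userName, authorities.size());
        logger.debug("exiting authenticate()");
        return filledAuthentication;
    }

    /**
     * Restricts this provider to user name / password tokens. Returning {@code true} for every
     * token type would route tokens with non-string principals or credentials into
     * {@link #authenticate(Authentication)}.
     *
     * @param arg0 the authentication token class being offered
     * @return {@code true} only for {@link UsernamePasswordAuthenticationToken} and its subclasses
     */
    @Override
    public boolean supports(Class<?> arg0) {
        return arg0 != null && UsernamePasswordAuthenticationToken.class.isAssignableFrom(arg0);
    }

    /**
     * Utility method to convert the user roles to a {@code Collection<GrantedAuthority>} for
     * Spring Security to deal with.
     *
     * @param roles the list of roles as strings; {@code null} is treated as no roles
     * @return a collection of SimpleGrantedAuthority that represent the user roles
     */
    private Collection<SimpleGrantedAuthority> fillUserAuthorities(List<String> roles) {
        Collection<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>();
        if (roles == null) {
            // No roles returned: the user is authenticated but holds no authorities.
            return authorities;
        }
        for (String role : roles) {
            // SimpleGrantedAuthority rejects null or empty role names; skipping them grants
            // less rather than failing the whole login.
            if (role == null || role.trim().isEmpty()) {
                continue;
            }
            authorities.add(new SimpleGrantedAuthority(role));
        }
        return authorities;
    }
}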