• Home
• cn.ocoop.framework
• spring-in
• 1.0.3
• source code
• HttpBasicAuthorizingRealm.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

cn.ocoop.shiro.authc.realm.HttpBasicAuthorizingRealm Maven / Gradle / Ivy

package cn.ocoop.shiro.authc.realm;

import cn.ocoop.shiro.HttpBasicToken;
import cn.ocoop.shiro.authc.realm.resolves.delegate.HttpBasicSubjectAware;
import cn.ocoop.shiro.authz.SimpleAuthorizationInfoOrdered;
import cn.ocoop.shiro.subject.BasicHttpAuthcUser;
import cn.ocoop.spring.App;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.SimpleByteSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.NoSuchBeanDefinitionException;

import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;

/**
 * Created by liolay on 2016/12/6.
 */
public class HttpBasicAuthorizingRealm extends AbstractAuthorizingRealm {
    private static final Logger log = LoggerFactory.getLogger(HttpBasicAuthorizingRealm.class);
    private static final Map usernameRefAuthenticationInfo = new HashMap<>();
    private static final Map usernameRefAuthorizationInfo = new HashMap<>();
    private static final Collection users = getUsers();

    {
        users.stream().forEach(basicHttpAuthcUser -> {
            usernameRefAuthenticationInfo.put(
                    basicHttpAuthcUser.getUser().getUsername(),
                    new SimpleAuthenticationInfo(
                            basicHttpAuthcUser.getUser().getUsername(), //用户名
                            basicHttpAuthcUser.getUser().getPassword(), //密码
                            new SimpleByteSource(basicHttpAuthcUser.getUser().getSalt()),
                            getName()  //realm name
                    )
            );
            SimpleAuthorizationInfoOrdered authorizationInfo = new SimpleAuthorizationInfoOrdered();
            authorizationInfo.setStringPermissions(basicHttpAuthcUser.getPerms());
            usernameRefAuthorizationInfo.put(basicHttpAuthcUser.getUser().getUsername(), authorizationInfo);
        });
    }

    private static Collection getUsers() {
        Collection users = null;
        try {
            users = App.getBean(HttpBasicSubjectAware.class).getUsers();
        } catch (NoSuchBeanDefinitionException e) {
            log.warn("HttpBasicSubjectAware未配置");
        }
        if (users == null) users = new HashSet<>();
        return users;
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        return super.supports(token) && HttpBasicToken.class.isAssignableFrom(token.getClass());
    }

    @Override
    public AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        return usernameRefAuthorizationInfo.get(principals.getPrimaryPrincipal());
    }


    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        return usernameRefAuthenticationInfo.get(token.getPrincipal());
    }
}