
nz.co.katatech.springboot.security.stateless.UsernamePasswordTokenAuthenticationConverter Maven / Gradle / Ivy


Stateless security using JWT tokens. Includes stateless CSRF protection and integration with OAuth2SSO.

There is a newer version: 1.2
package nz.co.katatech.springboot.security.stateless;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;

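/**
 * Converts between a Spring Security {@link Authentication} and a JSON string of the form
 * {@code {"user": "...", "roles": ["...", ...]}}.
 *
 * <p>This class only serializes and parses. Nothing in it signs the string, checks a signature
 * or checks an expiry, and {@link #convert(String)} returns an authenticated token carrying
 * whatever user and roles the input names. The input therefore has to be integrity-checked
 * before it reaches this class.
 * NOTE(review): presumably the JWT layer of this library verifies the token first - confirm
 * against the caller.
 */
public class UsernamePasswordTokenAuthenticationConverter implements AuthenticationConverter {

    private final ObjectMapper objectMapper = new ObjectMapper();

    /** JSON payload: the principal's string form and the names of its granted authorities. */
    public static class UserAndRoles {
        private final @JsonProperty String user;
        // The element type is declared so that Jackson binds every entry to a String; with a raw
        // List the entries could be any JSON value and the stream in convert(String) would not
        // type-check.
        private final @JsonProperty List<String> roles;

        private UserAndRoles( @JsonProperty( "user" ) String user, @JsonProperty( "roles" ) List<String> roles ) {
            this.user = user;
            this.roles = roles;
        }
    }

    /**
     * Serializes the principal and authority names of {@code authentication} to JSON.
     *
     * <p>The principal is flattened with {@link String#valueOf(Object)}, so a non-String principal
     * is stored as its {@code toString()} and a null principal as the text {@code "null"}.
     * Credentials and details are not written to the output.
     *
     * @param authentication the authentication to serialize
     * @return the JSON representation
     * @throws RuntimeException wrapping the {@link JsonProcessingException} if serialization fails
     */
    @Override
    public String convert( Authentication authentication ) {
        List<String> roleNames = authentication.getAuthorities().stream()
            .map( GrantedAuthority::getAuthority )
            .collect( Collectors.toList() );
        try {
            return objectMapper.writeValueAsString(
                new UserAndRoles( String.valueOf( authentication.getPrincipal() ), roleNames )
            );
        } catch ( JsonProcessingException e ) {
            throw new RuntimeException( e );
        }
    }

    /**
     * Parses a JSON payload produced by {@link #convert(Authentication)} back into an
     * {@link Authentication}.
     *
     * <p>The three-argument {@link UsernamePasswordAuthenticationToken} constructor used here
     * yields a token that is already marked authenticated, so the payload is taken at its word.
     * A payload without a user or without a roles list is rejected instead of producing an
     * authenticated token with a null principal.
     *
     * @param token the JSON payload
     * @return an authenticated token for the named user with the named roles
     * @throws IllegalArgumentException if the payload has no {@code user} or no {@code roles}
     * @throws RuntimeException wrapping the {@link IOException} if the payload cannot be parsed
     */
    @Override
    public Authentication convert( String token ) {
        final UserAndRoles userAndRoles;
        try {
            userAndRoles = objectMapper.readValue( token, UserAndRoles.class );
        } catch ( IOException e ) {
            throw new RuntimeException( e );
        }

        // The JSON literal null parses to a null object, and absent properties to null fields.
        if ( userAndRoles == null || userAndRoles.user == null || userAndRoles.roles == null ) {
            throw new IllegalArgumentException( "Token payload must contain both \"user\" and \"roles\"" );
        }

        List<SimpleGrantedAuthority> authorities = userAndRoles.roles.stream()
            .map( SimpleGrantedAuthority::new ) // rejects null or blank role names
            .collect( Collectors.toList() );

        // "N/A" stands in for the credentials: the password is never part of the payload.
        return new UsernamePasswordAuthenticationToken( userAndRoles.user, "N/A", authorities );
    }
}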




