• Home
• eu.freme-project
• common
• 0.11
• source code
• TokenAuthenticationProvider.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

eu.freme.common.security.TokenAuthenticationProvider Maven / Gradle / Ivy

/**
 * Copyright © 2015 Agro-Know, Deutsches Forschungszentrum für Künstliche Intelligenz, iMinds,
 * Institut für Angewandte Informatik e. V. an der Universität Leipzig,
 * Istituto Superiore Mario Boella, Tilde, Vistatec, WRIPL (http://freme-project.eu)
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package eu.freme.common.security;

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

import com.google.common.base.Optional;

import eu.freme.common.persistence.model.Token;
import eu.freme.common.persistence.model.User;
/**
 * @author Jan Nehring - [email protected]
 */
public class TokenAuthenticationProvider implements AuthenticationProvider {

	private TokenService tokenService;

	public TokenAuthenticationProvider(TokenService tokenService) {
		this.tokenService = tokenService;
	}

	@Override
	public Authentication authenticate(Authentication authentication)
			throws AuthenticationException {
		@SuppressWarnings("unchecked")
		Optional token = (Optional) authentication.getPrincipal();
		if (!token.isPresent() || token.get().isEmpty()) {
			throw new BadCredentialsException("Invalid token");
		}

		Token tokenObject = tokenService.retrieve(token.get());
		if (tokenObject == null) {
			throw new BadCredentialsException("Invalid token");
		}
		
		tokenService.updateLastUsed(tokenObject);

		User user = tokenObject.getUser();
		return new AuthenticationWithToken(user, null,
				AuthorityUtils.commaSeparatedStringToAuthorityList(user
						.getRole()), tokenObject);
	}

	@Override
	public boolean supports(Class authentication) {
		return authentication.equals(PreAuthenticatedAuthenticationToken.class);
	}
}