
package org.springframework.security.ldap.userdetails;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.ldap.Rdn;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.MutablePropertyValues;
import org.springframework.boot.bind.RelaxedDataBinder;
import org.springframework.context.annotation.Scope;
import org.springframework.context.annotation.ScopedProxyMode;
import org.springframework.ldap.NoSuchAttributeException;
import org.springframework.ldap.core.AttributesMapper;
import org.springframework.ldap.core.ContextMapper;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.support.LdapUtils;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.StringUtils;
import org.springframework.web.context.WebApplicationContext;
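/**
 * Maps an LDAP directory entry onto an application-specific {@link UserDetails} bean of type
 * {@code T}.
 * <p>
 * The mapper serves two purposes:
 * <ul>
 * <li>{@link #mapUserFromContext} is the login path. The user is first resolved through the
 * configured {@link UserDetailsService}. If that lookup fails and {@link #setAllow(boolean) allow}
 * is {@code true}, a fresh {@code T} is instantiated and populated from the directory entry
 * (auto-provisioning); otherwise the {@link UsernameNotFoundException} propagates. In both cases
 * the attributes named in the constructor are then copied from the entry onto the bean.</li>
 * <li>{@link #mapFromAttributes} and {@link #mapFromContext} build a {@code T} purely from a
 * directory entry, with authorities derived from the {@code memberOf} attribute.</li>
 * </ul>
 * Values are written to the bean through a {@link RelaxedDataBinder}, so only bean properties
 * whose (relaxed) names match the attribute names used here are ever set. Note that
 * {@link #mapFromContext} also copies the {@code userPassword} attribute into the bean, so the
 * resulting object must not be logged or serialised as-is.
 *
 * @param <T> concrete {@link UserDetails} type instantiated and populated by this mapper
 * @see DaoAuthenticationProvider#setHideUserNotFoundExceptions(boolean)
 * @see Scope#value()
 * @see Scope#proxyMode()
 * @see WebApplicationContext#SCOPE_SESSION
 * @see ScopedProxyMode#TARGET_CLASS
 * @see InetOrgPersonContextMapper
 */
public class LdapUserDetailsMapperCustom<T extends UserDetails> extends LdapUserDetailsMapper
        implements AttributesMapper<T>, ContextMapper<T> {

    /** Directory attributes copied into every bean built from a raw entry. */
    private static final List<String> ENTRY_ATTRIBUTES = Collections.unmodifiableList(Arrays.asList(
            "employeeID", "telephoneNumber", "department", "mail", "title", "thumbnailPhoto",
            "pwdLastSet", "lastLogon", "lastLogonTimestamp", "lockoutTime", "name", "ADsPath",
            "distinguishedName"));

    /** Group-membership attribute whose values are turned into authorities. */
    private static final String MEMBER_OF_ATTRIBUTE = "memberOf";

    /** Credential attribute; only copied by {@link #mapFromContext(Object)}. */
    private static final String PASSWORD_ATTRIBUTE = "userPassword";

    private static final String NAME_ATTRIBUTE = "name";

    /** Bean property receiving the authority names. */
    private static final String AUTHORITIES_PROPERTY = "authorities";

    private final Log logger = LogFactory.getLog(LdapUserDetailsMapperCustom.class);

    private final UserDetailsService userDetailsService;

    /** Bean type to instantiate; {@code null} when built with the single-argument constructor. */
    private final Class<T> clazz;

    /** Attribute names copied onto the bean on login; never {@code null}. */
    private final List<String> names;

    /** Whether users missing from the user store may be auto-provisioned; off by default. */
    private boolean allow;

    /**
     * Creates a mapper that can both resolve and auto-provision users.
     * <p>
     * The {@code name} attribute is copied with every parenthesised segment removed
     * ({@code name.replaceAll("[(](.*?)[)]", "")}).
     * <p>
     * Attributes read by {@link #mapFromAttributes} / {@link #mapFromContext}:
     * {@code employeeID}, {@code telephoneNumber}, {@code department}, {@code mail},
     * {@code title}, {@code thumbnailPhoto}, {@code pwdLastSet}, {@code lastLogon},
     * {@code lastLogonTimestamp}, {@code lockoutTime}, {@code name}, {@code ADsPath},
     * {@code distinguishedName} (and {@code userPassword} for {@code mapFromContext}).
     *
     * @param userDetailsService store used to resolve users on login
     * @param clazz bean type to instantiate for new or directory-only users
     * @param names directory attributes copied onto the bean on every login; may be empty
     */
    public LdapUserDetailsMapperCustom(UserDetailsService userDetailsService, Class<T> clazz, String... names) {
        this.userDetailsService = userDetailsService;
        this.clazz = clazz;
        // Copy: Arrays.asList alone would alias the caller's varargs array.
        this.names = names == null ? Collections.<String>emptyList()
                : Collections.unmodifiableList(new ArrayList<String>(Arrays.asList(names)));
    }

    /**
     * Creates a mapper that only resolves users through {@code userDetailsService}. Without a
     * bean class, auto-provisioning and the raw entry mappers are not available.
     *
     * @param userDetailsService store used to resolve users on login
     */
    public LdapUserDetailsMapperCustom(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
        this.clazz = null;
        this.names = Collections.<String>emptyList();
    }

    /**
     * Resolves the authenticated user from the user store, auto-provisioning a new bean when
     * allowed, then copies the configured directory attributes onto it.
     * <p>
     * The parent mapper's result is not used: the bean comes from the store (or a new instance),
     * and authorities computed from LDAP are applied only to auto-provisioned users; users found in
     * the store keep the authorities the store returned unless {@code "authorities"} is among the
     * configured attribute names.
     *
     * @throws UsernameNotFoundException if the user is unknown and auto-provisioning is disabled
     * @throws IllegalStateException if no {@link UserDetailsService} was configured, or if
     * auto-provisioning is enabled but no bean class was given
     * @see org.springframework.ldap.core.DirContextAdapter
     */
    @Override
    public UserDetails mapUserFromContext(DirContextOperations ctx, String username,
            Collection<? extends GrantedAuthority> authorities) {
        if (this.userDetailsService == null) {
            throw new IllegalStateException("No UserDetailsService configured; cannot resolve user '"
                    + username + "'");
        }
        Map<String, Object> properties = new HashMap<String, Object>();
        UserDetails userDetails;
        try {
            userDetails = this.userDetailsService.loadUserByUsername(username);
        }
        catch (UsernameNotFoundException e) {
            if (!this.allow) {
                throw e;
            }
            userDetails = provisionNewUser(ctx, username, authorities, properties, e);
        }
        // Null attribute values are bound as-is, clearing the matching bean property.
        for (String name : this.names) {
            properties.put(name, ctx.getObjectAttribute(name));
        }
        new RelaxedDataBinder(userDetails).bind(new MutablePropertyValues(properties));
        return userDetails;
    }

    /**
     * Instantiates the bean for an LDAP-authenticated user that has no record in the user store
     * and collects its provisioning defaults into {@code properties} (bound by the caller).
     *
     * @param cause the store lookup failure, logged for traceability
     * @return a fresh, not yet populated bean
     * @throws IllegalStateException if no bean class was configured
     */
    private T provisionNewUser(DirContextOperations ctx, String username,
            Collection<? extends GrantedAuthority> authorities, Map<String, Object> properties,
            UsernameNotFoundException cause) {
        if (this.clazz == null) {
            throw new IllegalStateException("Cannot auto-provision user '" + username
                    + "': no UserDetails class configured", cause);
        }
        // id 0: the user has no record in the store.
        properties.put("id", 0L);
        properties.put("username", username);
        properties.put(NAME_ATTRIBUTE, displayName(ctx.getStringAttribute(NAME_ATTRIBUTE), username));
        // Authorities come from LDAP group membership only for provisioned users.
        properties.put(AUTHORITIES_PROPERTY, AuthorityUtils.authorityListToSet(authorities));
        if (logger.isTraceEnabled()) {
            logger.trace("Create User... from " + username + " (" + cause.getMessage() + ")");
        }
        return BeanUtils.instantiate(this.clazz);
    }

    /**
     * Returns the directory {@code name} with every parenthesised segment removed, or
     * {@code username} when the directory value is blank.
     */
    private static String displayName(String directoryName, String username) {
        if (!StringUtils.hasText(directoryName)) {
            return username;
        }
        return directoryName.replaceAll("[(](.*?)[)]", "");
    }

    /**
     * Builds a bean from a raw attribute set (no {@code userPassword}).
     *
     * @throws IllegalStateException if no bean class was configured
     */
    @Override
    public T mapFromAttributes(Attributes attributes) throws NamingException {
        return bindEntry(attributes, false);
    }

    /**
     * Builds a bean from a {@link DirContextAdapter}. Unlike {@link #mapFromAttributes} this
     * also copies the {@code userPassword} attribute onto the bean.
     *
     * @param ctx must be a {@link DirContextAdapter}
     * @throws IllegalStateException if no bean class was configured
     */
    @Override
    public T mapFromContext(Object ctx) throws NamingException {
        Attributes attributes = ((DirContextAdapter) ctx).getAttributes();
        return bindEntry(attributes, true);
    }

    /**
     * Shared body of the two entry mappers: instantiates {@code T} and binds the standard
     * attributes, the derived authorities and, optionally, the password attribute onto it.
     */
    private T bindEntry(Attributes attributes, boolean includePassword) {
        if (this.clazz == null) {
            throw new IllegalStateException("No UserDetails class configured");
        }
        T userDetails = BeanUtils.instantiate(this.clazz);
        Map<String, Object> properties = new HashMap<String, Object>();
        for (String name : ENTRY_ATTRIBUTES) {
            properties.put(name, getObjectAttribute(attributes, name));
        }
        if (includePassword) {
            properties.put(PASSWORD_ATTRIBUTE, getObjectAttribute(attributes, PASSWORD_ATTRIBUTE));
        }
        properties.put(AUTHORITIES_PROPERTY,
                AuthorityUtils.authorityListToSet(loadUserAuthorities(attributes, MEMBER_OF_ATTRIBUTE)));
        new RelaxedDataBinder(userDetails).bind(new MutablePropertyValues(properties));
        return userDetails;
    }

    /**
     * Turns the group DNs held in attribute {@code name} into authorities, one per group, named
     * after the value of the group's own (leftmost) RDN.
     *
     * @return the authorities, or {@link AuthorityUtils#NO_AUTHORITIES} if the attribute is absent
     */
    private Collection<? extends GrantedAuthority> loadUserAuthorities(Attributes attributes, String name) {
        List<String> groups = new LinkedList<String>();
        try {
            LdapUtils.collectAttributeValues(attributes, name, groups, String.class);
        }
        catch (NoSuchAttributeException e) {
            logger.debug("No values for '" + name + "' attribute.");
            return AuthorityUtils.NO_AUTHORITIES;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("'" + name + "' attribute values: " + groups);
        }
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(groups.size());
        for (String group : groups) {
            // LdapName orders RDNs right-to-left, so the last element is the leftmost RDN.
            List<Rdn> rdns = LdapUtils.newLdapName(group).getRdns();
            int size = rdns.size();
            if (size == 0) {
                continue;
            }
            Object value = rdns.get(size - 1).getValue();
            if (value instanceof String) {
                authorities.add(new SimpleGrantedAuthority((String) value));
            }
        }
        return authorities;
    }

    /**
     * Returns the first value of attribute {@code name}, or {@code null} if the attribute is
     * missing or empty.
     *
     * @throws org.springframework.ldap.NamingException if reading the value fails
     */
    private Object getObjectAttribute(Attributes attributes, String name) {
        Attribute oneAttr = attributes.get(name);
        if (oneAttr == null || oneAttr.size() == 0) { // LDAP-215
            return null;
        }
        try {
            return oneAttr.get();
        }
        catch (NamingException e) {
            throw LdapUtils.convertLdapException(e);
        }
    }

    /**
     * Enables auto-provisioning. When {@code true}, a user who authenticates against LDAP but has
     * no record in the user store still receives a bean built from the directory entry, with
     * authorities taken from LDAP group membership; when {@code false} (the default) such a login
     * fails with {@link UsernameNotFoundException}. Requires a bean class to be configured.
     *
     * @param allow whether unknown users may be auto-provisioned
     */
    public void setAllow(boolean allow) {
        this.allow = allow;
    }
}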