ru.mynewtons.starter.oauth2.config.security.AccountAuthenticationProvider Maven / Gradle / Ivy
package ru.mynewtons.starter.oauth2.config.security;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import org.springframework.stereotype.Component;
import ru.mynewtons.starter.oauth2.exception.UserPasswordWrongException;
import ru.mynewtons.starter.oauth2.properties.UsersMessagesProperties;
@Component
@Slf4j
public class AccountAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
@Autowired
private UserDetailsService userService;
@Autowired
private UsersMessagesProperties messagesProperties;
@Autowired
private PasswordEncoder passwordEncoder;
@Override
protected void additionalAuthenticationChecks(UserDetails userDetails,
UsernamePasswordAuthenticationToken authentication) {
SecurityContextHolder.getContext().getAuthentication();
if ((!passwordEncoder.matches((String) authentication.getCredentials(), userDetails.getPassword())) ||
!SecurityContextHolder.getContext().getAuthentication().getAuthorities().containsAll(userDetails.getAuthorities())) {
throw new UserPasswordWrongException(messagesProperties.getMessage("user.auth.data.not.correct"));
}
}
@Override
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) {
return userService.loadUserByUsername(username);
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy