All Downloads are FREE. Search and download functionalities are using the official Maven repository.

ru.mynewtons.starter.oauth2.config.security.AccountAuthenticationProvider Maven / Gradle / Ivy

There is a newer version: 1.0.9
Show newest version
package ru.mynewtons.starter.oauth2.config.security;


import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.crypto.password.StandardPasswordEncoder;
import org.springframework.stereotype.Component;
import ru.mynewtons.starter.oauth2.exception.UserPasswordWrongException;
import ru.mynewtons.starter.oauth2.properties.UsersMessagesProperties;

@Component
@Slf4j
public class AccountAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {

    @Autowired
    private UserDetailsService userService;

    @Autowired
    private UsersMessagesProperties messagesProperties;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails,
                                                  UsernamePasswordAuthenticationToken authentication) {
        SecurityContextHolder.getContext().getAuthentication();
        if ((!passwordEncoder.matches((String) authentication.getCredentials(), userDetails.getPassword())) ||
                !SecurityContextHolder.getContext().getAuthentication().getAuthorities().containsAll(userDetails.getAuthorities())) {
            throw new UserPasswordWrongException(messagesProperties.getMessage("user.auth.data.not.correct"));
        }
    }

    @Override
    protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) {
        return userService.loadUserByUsername(username);
    }

}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy