UsernamePasswordAuthenticationFilter.java example

Explorer
MULE-master
- mule-mule-4.x
/*
 * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
 * The software in this package is published under the terms of the CPAL v1.0
 * license, a copy of which has been included with this distribution in the
 * LICENSE.txt file.
 */
package org.mule.runtime.core.security;

import org.mule.runtime.api.message.Message;
import org.mule.runtime.core.api.Event;
import org.mule.runtime.core.api.el.ExpressionManager;
import org.mule.runtime.api.security.Authentication;
import org.mule.runtime.core.api.security.SecurityContext;
import org.mule.runtime.api.security.SecurityException;
import org.mule.runtime.core.api.security.SecurityManager;
import org.mule.runtime.api.security.SecurityProviderNotFoundException;
import org.mule.runtime.core.api.security.UnauthorisedException;
import org.mule.runtime.api.security.UnknownAuthenticationTypeException;
import org.mule.runtime.core.config.i18n.CoreMessages;
import org.mule.runtime.core.api.security.DefaultMuleAuthentication;
import org.mule.runtime.core.api.security.DefaultMuleCredentials;

/**
 * Performs authentication based on a username and password. The username and password are retrieved from the {@link Message}
 * based on expressions specified via the username and password setters. These are then used to create a DefaultMuleAuthentication
 * object which is passed to the authenticate method of the {@link SecurityManager}.
 */
public class UsernamePasswordAuthenticationFilter extends AbstractAuthenticationFilter {

  private String username = "#[mel:message.inboundProperties.username]";
  private String password = "#[mel:message.inboundProperties.password]";

  public UsernamePasswordAuthenticationFilter() {
    super();
  }

  /**
   * Authenticates the current message.
   *
   * @param event the current message recieved
   * @throws SecurityException if authentication fails
   */
  @Override
  public Event authenticate(Event event)
      throws SecurityException, SecurityProviderNotFoundException, UnknownAuthenticationTypeException {
    Authentication authentication = getAuthenticationToken(event);
    Authentication authResult;
    try {
      authResult = getSecurityManager().authenticate(authentication);
    } catch (UnauthorisedException e) {
      // Authentication failed
      if (logger.isDebugEnabled()) {
        logger.debug("Authentication request for user: " + username + " failed: " + e.toString());
      }
      throw new UnauthorisedException(CoreMessages.authFailedForUser(authentication.getPrincipal().toString()), e);
    }

    // Authentication success
    if (logger.isDebugEnabled()) {
      logger.debug("Authentication success: " + authResult.toString());
    }

    SecurityContext context = getSecurityManager().createSecurityContext(authResult);
    context.setAuthentication(authResult);
    event.getSession().setSecurityContext(context);

    return event;
  }

  protected Authentication getAuthenticationToken(Event event) throws UnauthorisedException {
    ExpressionManager expressionManager = muleContext.getExpressionManager();

    Object usernameEval = expressionManager.evaluate(username, event).getValue();
    Object passwordEval = expressionManager.evaluate(password, event).getValue();

    if (usernameEval == null) {
      throw new UnauthorisedException(CoreMessages.authNoCredentials());
    }

    if (passwordEval == null) {
      throw new UnauthorisedException(CoreMessages.authNoCredentials());
    }

    return new DefaultMuleAuthentication(new DefaultMuleCredentials(usernameEval.toString(),
                                                                    passwordEval.toString().toCharArray()));
  }

  public String getUsername() {
    return username;
  }

  public String getPassword() {
    return password;
  }

  public void setUsername(String username) {
    this.username = username;
  }

  public void setPassword(String password) {
    this.password = password;
  }

}