OneTimeTokenFilter.java example

Explorer
abiquo-master
/**
 * Abiquo community edition
 * cloud management application for hybrid clouds
 * Copyright (C) 2008-2010 - Abiquo Holdings S.L.
 *
 * This application is free software; you can redistribute it and/or
 * modify it under the terms of the GNU LESSER GENERAL PUBLIC
 * LICENSE as published by the Free Software Foundation under
 * version 3 of the License
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * LESSER GENERAL PUBLIC LICENSE v.3 for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the
 * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 * Boston, MA 02111-1307, USA.
 */

package com.abiquo.api.spring.security.onetimetoken.filter;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.ui.AuthenticationDetailsSource;
import org.springframework.security.ui.SpringSecurityFilter;
import org.springframework.security.ui.WebAuthenticationDetailsSource;
import org.springframework.util.Assert;

import com.abiquo.api.spring.security.onetimetoken.token.OneTimeTokenToken;

public class OneTimeTokenFilter extends SpringSecurityFilter implements InitializingBean
{
    /**
     * In case we decide to use a specific charset.
     */
    private String credentialsCharset = "UTF-8";

    public String getCredentialsCharset()
    {
        return credentialsCharset;
    }

    public void setCredentialsCharset(String credentialsCharset)
    {
        this.credentialsCharset = credentialsCharset;
    }

    /**
     * Details of the authentication.
     */
    private AuthenticationDetailsSource authenticationDetailsSource =
        new WebAuthenticationDetailsSource();

    private AuthenticationManager authenticationManager;

    public AuthenticationManager getAuthenticationManager()
    {
        return authenticationManager;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager)
    {
        this.authenticationManager = authenticationManager;
    }

    /**
     * @see org.springframework.security.ui.SpringSecurityFilter#getOrder()
     */
    @Override
    public int getOrder()
    {
        return 0;
    }

    /**
     * @see org.springframework.security.ui.SpringSecurityFilter#doFilterHttp(javax.servlet.http.HttpServletRequest,
     *      javax.servlet.http.HttpServletResponse, javax.servlet.FilterChain)
     */
    @Override
    protected void doFilterHttp(HttpServletRequest request, HttpServletResponse response,
        FilterChain chain) throws IOException, ServletException
    {

        String header = request.getHeader("Authorization");

        if (logger.isDebugEnabled())
        {
            logger.debug("Authorization header: " + header);
        }
        // one time tokens starts with OneTime
        if ((header != null) && header.startsWith("OneTime "))
        {
            String base64Token = header.substring(8);

            OneTimeTokenToken authRequest = new OneTimeTokenToken(base64Token);
            authRequest.setDetails(authenticationDetailsSource.buildDetails(request));

            Authentication authResult;

            try
            {
                authResult = authenticationManager.authenticate(authRequest);
            }
            catch (AuthenticationException failed)
            {
                // Authentication failed
                if (logger.isDebugEnabled())
                {
                    logger.debug("Authentication request for chef:  failed: " + failed.toString());
                }

                SecurityContextHolder.getContext().setAuthentication(null);

                chain.doFilter(request, response);

                return;
            }

            // Authentication success
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication success: " + authResult.toString());
            }

            SecurityContextHolder.getContext().setAuthentication(authResult);

        }

        chain.doFilter(request, response);
    }

    /**
     * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
     */
    @Override
    public void afterPropertiesSet() throws Exception
    {
        Assert.notNull(authenticationManager, "authenticationManager can't be null!");
    }

}