SAMLAuthenticatedPrincipal.java example

Explorer

apis-master
- apis-authorization-server
  - src
    - main
      - java
        org
        surfnet
        oaaas
        auth
        AbstractAuthenticator.java
        AbstractFilter.java
        AbstractUserConsentHandler.java
        AuthenticationFilter.java
        LocalResourceOwnerAuthenticator.java
        OAuth2Validator.java
        OAuth2ValidatorImpl.java
        ResourceOwnerAuthenticator.java
        UserConsentFilter.java
        ValidationResponseException.java
        cas
        CasAuthenticator.java
        CasUser.java
        PostCasAuthenticationFilter.java
        model
        AbstractEntity.java
        AccessToken.java
        AccessTokenRequest.java
        AccessTokenResponse.java
        AuthorizationRequest.java
        Client.java
        ErrorResponse.java
        ResourceOwner.java
        ResourceServer.java
        StatisticsResponse.java
        ValidationErrorResponse.java
        validation
        AbstractEntityValid.java
        AbstractEntityValidator.java
        noop
        NoopAdminAuthenticator.java
        NoopAuthenticator.java
        NoopResourceOwnerAuthenticator.java
        NoopUserConsentHandler.java
        repository
        AccessTokenRepository.java
        AuthorizationRequestRepository.java
        ClientRepository.java
        ExceptionTranslator.java
        OpenJPAExceptionTranslator.java
        ResourceOwnerRepository.java
        ResourceServerRepository.java
        resource
        RevokeResource.java
        TokenResource.java
        VerifyResource.java
        resourceserver
        AbstractResource.java
        AccessTokenResource.java
        ClientResource.java
        ResourceOwnerResource.java
        ResourceServerResource.java
        support
        Cleaner.java
    - test
      - java
        org
        surfnet
        oaaas
        auth
        LocalResourceOwnerAuthenticatorTest.java
        OAuth2ValidatorImplTest.java
        model
        AbstractEntityTest.java
        AccessTokenTest.java
        ClientTest.java
        ResourceOwnerTest.java
        ResourceServerTest.java
        repository
        AbstractTestRepository.java
        AccessTokenRepositoryTest.java
        AuthorizationRequestRepositoryTest.java
        ClientRepositoryTest.java
        ResourceOwnerRepositoryTest.java
        ResourceServerRepositoryTest.java
        resource
        TokenResourceTest.java
        resourceserver
        AccessTokenResourceTest.java
        ClientResourceTest.java
        ResourceOwnerResourceTest.java
        ResourceServerResourceTest.java
- apis-authorization-server-war
  - src
    - main
      - java
        org
        surfnet
        oaaas
        authentication
        FormLoginAuthenticator.java
        config
        CasSpringConfiguration.java
        SpringConfiguration.java
        consent
        FormUserConsentHandler.java
        logging
        LogbackConfigLocationListener.java
    - test
      - java
        org
        surfnet
        oaaas
        config
        SpringConfigTest.java
        it
        AbstractAuthorizationServerTest.java
        ClientCredentialGrantTestIT.java
        ClientResourceTestIT.java
        ResourceServerTestIT.java
        VerifyResourceTestIT.java
        selenium
        AuthorizationCodeRequestHandler.java
        AuthorizationCodeTestIT.java
        ImplicitGrantTestIT.java
        RefreshTokenTestIT.java
        SeleniumSupport.java
- apis-example-client-app
  - src
    - main
      - java
        org
        surfnet
        oaaas
        config
        SpringConfiguration.java
        web
        ClientController.java
        ClientSettings.java
- apis-example-resource-server
  - src
    - main
      - java
        org
        surfnet
        oaaas
        example
        api
        AuthConfiguration.java
        OAuthAuthenticator.java
        UniversityFooConfiguration.java
        UniversityFooService.java
        domain
        Course.java
        Student.java
        University.java
        resource
        UniversityResource.java
- apis-example-resource-server-war
  - src
    - test
      - java
        org
        surfnet
        oaaas
        it
        AuthorizationFilterIntegration.java
- apis-openconext-mock-war
  - src
    - main
      - java
        org
        surfnet
        oaaas
        conext
        mock
        OpenConextServlet.java
- apis-resource-server-library
  - src
    - main
      - java
        org
        surfnet
        oaaas
        auth
        AuthorizationServerFilter.java
        ObjectMapperProvider.java
        principal
        AuthenticatedPrincipal.java
        BasicAuthCredentials.java
        model
        TokenResponseCache.java
        TokenResponseCacheImpl.java
        VerifyTokenResponse.java
    - test
      - java
        org
        surfnet
        oaaas
        auth
        AuthorizationServerFilterTest.java
        principal
        AuthenticatedPrincipalTest.java
        BasicAuthCredentialsTest.java
        model
        TokenResponseCacheTest.java
- apis-surfconext-authn
  - src
    - main
      - java
        org
        surfnet
        oaaas
        conext
        OpenSAMLContext.java
        SAMLAuthenticatedPrincipal.java
        SAMLAuthenticator.java
        SAMLProvisioner.java
        mock
        OpenConextOAuthClientMock.java
    - test
      - java
        org
        surfnet
        oaaas
        conext
        SAMLAuthenticatedPrincipalTest.java
- jetty-connector
  - src
    - main
      - java
        org
        surfnet
        oaaas
        jetty
        SelectChannelConnectorHttps.java
    - test
      - java
        org
        surfnet
        oaaas
        jetty
        SelectChannelConnectorHttpsTest.java

package org.surfnet.oaaas.conext;

import org.codehaus.jackson.annotate.JsonAutoDetect;
import org.codehaus.jackson.annotate.JsonIgnore;
import org.codehaus.jackson.annotate.JsonMethod;
import org.codehaus.jackson.map.DeserializationConfig;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.map.annotate.JsonSerialize;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.CollectionUtils;
import org.surfnet.oaaas.auth.principal.AuthenticatedPrincipal;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Map;

/**
 *
 */
public class SAMLAuthenticatedPrincipal extends AuthenticatedPrincipal implements UserDetails{

  @JsonIgnore
  private final static String IDENTITY_PROVIDER = "IDENTITY_PROVIDER";

  @JsonIgnore
  private final static String DISPLAY_NAME = "DISPLAY_NAME";

  public SAMLAuthenticatedPrincipal() {
  }

  public SAMLAuthenticatedPrincipal(String username, Collection<String> roles, Map<String, String> attributes, Collection<String> groups, String identityProvider, String displayName, boolean adminPrincipal) {
    super(username, roles, attributes, groups);
    addAttribute(IDENTITY_PROVIDER, identityProvider);
    addAttribute(DISPLAY_NAME, displayName);
    setAdminPrincipal(adminPrincipal);
  }

  @JsonIgnore
  @Override
  public Collection<? extends GrantedAuthority> getAuthorities() {
    ArrayList<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
    if (!CollectionUtils.isEmpty(getRoles())) {
      for (final String role : getRoles()) {
        authorities.add(new GrantedAuthority(){
          public String getAuthority() {
            return role;
          }
        });
      }
    }
    return authorities;
  }

  @JsonIgnore
  @Override
  public String getPassword() {
    throw new RuntimeException("SAML based authentication does not support passwords on the receiving end");
  }

  @JsonIgnore
  @Override
  public String getUsername() {
    return getName();
  }

  @Override
  public String getDisplayName() {
    return getAttributes().get(DISPLAY_NAME);
  }

  @JsonIgnore
  @Override
  public boolean isAccountNonExpired() {
    return true;
  }

  @JsonIgnore
  @Override
  public boolean isAccountNonLocked() {
    return true;
  }

  @JsonIgnore
  @Override
  public boolean isCredentialsNonExpired() {
    return true;
  }

  @JsonIgnore
  @Override
  public boolean isEnabled() {
    return true;
  }

  @JsonIgnore
  public String getIdentityProvider() {
    return getAttributes().get(IDENTITY_PROVIDER);
  }

}