SecurityUtils.java example

Explorer

jhipster-example-master
- src
  - main
    - java
      - com
        mycompany
        myapp
        Application.java
        ApplicationWebXml.java
        aop
        logging
        LoggingAspect.java
        async
        ExceptionHandlingAsyncTaskExecutor.java
        package-info.java
        config
        AsyncConfiguration.java
        CacheConfiguration.java
        CloudDatabaseConfiguration.java
        Constants.java
        DatabaseConfiguration.java
        HerokuDatabaseConfiguration.java
        JacksonConfiguration.java
        LocaleConfiguration.java
        LoggingAspectConfiguration.java
        MailConfiguration.java
        MetricsConfiguration.java
        SecurityConfiguration.java
        ThymeleafConfiguration.java
        WebConfigurer.java
        apidoc
        SwaggerConfiguration.java
        package-info.java
        audit
        AuditEventConverter.java
        package-info.java
        locale
        AngularCookieLocaleResolver.java
        package-info.java
        metrics
        DatabaseHealthIndicator.java
        JHipsterHealthIndicatorConfiguration.java
        JavaMailHealthIndicator.java
        package-info.java
        package-info.java
        domain
        AbstractAuditingEntity.java
        Authority.java
        PersistentAuditEvent.java
        PersistentToken.java
        User.java
        package-info.java
        util
        CustomDateTimeDeserializer.java
        CustomDateTimeSerializer.java
        CustomLocalDateSerializer.java
        ISO8601LocalDateDeserializer.java
        repository
        AuthorityRepository.java
        CustomAuditEventRepository.java
        PersistenceAuditEventRepository.java
        PersistentTokenRepository.java
        UserRepository.java
        package-info.java
        security
        AjaxAuthenticationFailureHandler.java
        AjaxAuthenticationSuccessHandler.java
        AjaxLogoutSuccessHandler.java
        AuthoritiesConstants.java
        CustomPersistentRememberMeServices.java
        Http401UnauthorizedEntryPoint.java
        SecurityUtils.java
        SpringSecurityAuditorAware.java
        UserDetailsService.java
        UserNotActivatedException.java
        package-info.java
        service
        AuditEventService.java
        MailService.java
        UserService.java
        package-info.java
        util
        RandomUtil.java
        web
        filter
        CachingHttpHeadersFilter.java
        CsrfCookieGeneratorFilter.java
        StaticResourcesProductionFilter.java
        gzip
        GZipResponseUtil.java
        GZipServletFilter.java
        GZipServletOutputStream.java
        GZipServletResponseWrapper.java
        GzipResponseHeadersNotModifiableException.java
        package-info.java
        package-info.java
        propertyeditors
        LocaleDateTimeEditor.java
        package-info.java
        rest
        AccountResource.java
        AuditResource.java
        LogsResource.java
        UserResource.java
        dto
        LoggerDTO.java
        UserDTO.java
        package-info.java
        package-info.java
        util
        PaginationUtil.java
  - test
    - java
      - com
        mycompany
        myapp
        security
        SecurityUtilsTest.java
        service
        UserServiceTest.java
        web
        rest
        AccountResourceTest.java
        TestUtil.java
        UserResourceTest.java

package com.mycompany.myapp.security;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;

/**
 * Utility class for Spring Security.
 */
public final class SecurityUtils {

    private SecurityUtils() {
    }

    /**
     * Get the login of the current user.
     */
    public static String getCurrentLogin() {
        SecurityContext securityContext = SecurityContextHolder.getContext();
        Authentication authentication = securityContext.getAuthentication();
        UserDetails springSecurityUser = null;
        String userName = null;
        if(authentication != null) {
            if (authentication.getPrincipal() instanceof UserDetails) {
                springSecurityUser = (UserDetails) authentication.getPrincipal();
                userName = springSecurityUser.getUsername();
            } else if (authentication.getPrincipal() instanceof String) {
                userName = (String) authentication.getPrincipal();
            }
        }
        return userName;
    }

    /**
     * Check if a user is authenticated.
     *
     * @return true if the user is authenticated, false otherwise
     */
    public static boolean isAuthenticated() {
        SecurityContext securityContext = SecurityContextHolder.getContext();
        Collection<? extends GrantedAuthority> authorities = securityContext.getAuthentication().getAuthorities();
        if (authorities != null) {
            for (GrantedAuthority authority : authorities) {
                if (authority.getAuthority().equals(AuthoritiesConstants.ANONYMOUS)) {
                    return false;
                }
            }
        }
        return true;
    }


    /**
     * If the current user has a specific security role.
     */
    public static boolean isUserInRole(String role) {
        SecurityContext securityContext = SecurityContextHolder.getContext();
        Authentication authentication = securityContext.getAuthentication();
        if(authentication != null) {
            if (authentication.getPrincipal() instanceof UserDetails) {
                UserDetails springSecurityUser = (UserDetails) authentication.getPrincipal();
                return springSecurityUser.getAuthorities().contains(new SimpleGrantedAuthority(role));
            }
        }
        return false;
    }
}