package mujina.idp;
import mujina.api.IdpConfiguration;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import java.util.Arrays;
import static mujina.api.AuthenticationMethod.ALL;
/**
 * Spring Security {@code AuthenticationProvider} that authenticates username/password tokens
 * using the settings held in {@link IdpConfiguration}.
 *
 * <p>Two modes are selected by {@code idpConfiguration.getAuthenticationMethod()}:
 * <ul>
 *   <li>{@code ALL}: the submitted principal and credentials are accepted as-is, with no
 *       verification, and the caller is granted both {@code ROLE_ADMIN} and {@code ROLE_USER}.</li>
 *   <li>any other value: the submitted principal and credentials must both {@code equals()} those
 *       of one of the tokens returned by {@code idpConfiguration.getUsers()}.</li>
 * </ul>
 *
 * <p>Security notes:
 * <ul>
 *   <li>In {@code ALL} mode this provider is an authentication bypass by design: every request
 *       is authenticated as an administrator. NOTE(review): confirm this mode can only be
 *       enabled in test/mock deployments and check who is able to change the setting.</li>
 *   <li>Credentials are compared with {@code Object.equals} against the configured values, so the
 *       configured credentials are presumably held in directly comparable (unhashed) form and the
 *       comparison is not constant-time - confirm this is acceptable for the deployment.</li>
 *   <li>Both comparisons are invoked on the configured token, so a {@code null} submitted
 *       principal or credential does not match; a configured token whose principal or
 *       credentials are {@code null} would throw {@code NullPointerException} instead.</li>
 * </ul>
 */
public class AuthenticationProvider implements org.springframework.security.authentication.AuthenticationProvider {

    private final IdpConfiguration idpConfiguration;

    /**
     * @param idpConfiguration source of the authentication method and of the known users
     */
    public AuthenticationProvider(IdpConfiguration idpConfiguration) {
        this.idpConfiguration = idpConfiguration;
    }

    /**
     * Authenticates the submitted token according to the configured authentication method.
     *
     * @param authentication the submitted token; its principal and credentials are read
     * @return a new, authenticated {@link UsernamePasswordAuthenticationToken}
     * @throws AuthenticationException when the method is not {@code ALL} and no configured user
     *     has a matching principal and credentials; the same message is used for an unknown user
     *     and for a wrong password, so the two cases cannot be told apart by the caller
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (idpConfiguration.getAuthenticationMethod().equals(ALL)) {
            return acceptWithoutVerification(authentication);
        }
        return idpConfiguration.getUsers().stream()
            // principal first, credentials only for entries whose principal matched
            .filter(known -> known.getPrincipal().equals(authentication.getPrincipal()))
            .filter(known -> known.getCredentials().equals(authentication.getCredentials()))
            .findFirst()
            // Return a copy, never the configured token itself: per the original author,
            // the credentials would otherwise be erased and later logins would fail.
            .map(match -> new UsernamePasswordAuthenticationToken(
                match.getPrincipal(),
                match.getCredentials(),
                match.getAuthorities()))
            .orElseThrow(() -> new AuthenticationException("User not found or bad credentials") {
            });
    }

    /**
     * Reports whether this provider handles the given token class.
     *
     * @param authentication the token class to test
     * @return {@code true} for {@link UsernamePasswordAuthenticationToken} and its subclasses
     */
    @Override
    public boolean supports(Class<?> authentication) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
    }

    /**
     * Builds the token returned in {@code ALL} mode: the submitted principal and credentials are
     * taken over unchecked and the fixed authorities {@code ROLE_ADMIN} and {@code ROLE_USER}
     * are attached.
     */
    private static Authentication acceptWithoutVerification(Authentication submitted) {
        Object principal = submitted.getPrincipal();
        Object credentials = submitted.getCredentials();
        return new UsernamePasswordAuthenticationToken(
            principal,
            credentials,
            Arrays.asList(new SimpleGrantedAuthority("ROLE_ADMIN"), new SimpleGrantedAuthority("ROLE_USER")));
    }
}