/**
* Copyright 2011 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
* implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.bricket.plugin.authentication.service.impl;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.bricket.plugin.authentication.service.AuthenticationService;
import org.bricket.plugin.authentication.service.AuthenticationServiceException;
import org.bricket.plugin.mail.service.MailPluginService;
import org.bricket.plugin.role.domain.Role;
import org.bricket.plugin.role.service.RoleService;
import org.bricket.plugin.user.domain.User;
import org.bricket.plugin.user.service.UserService;
import org.bricket.plugin.user.service.impl.UserDetailsImpl;
import org.bricket.plugin.user_role.service.UserRoleService;
import org.bricket.service.BricketServiceException;
import org.bricket.service.BricketServiceImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import brix.plugins.springsecurity.BrixUserProvider;
@Service(value = "authenticationService")
@Transactional(readOnly = true)
public class AuthenticationServiceImpl extends BricketServiceImpl implements AuthenticationService, UserDetailsService,
BrixUserProvider {
private final Logger log = LoggerFactory.getLogger(AuthenticationServiceImpl.class);
@Autowired
@Qualifier("authenticationManager")
private AuthenticationManager authenticationManager;
@Autowired
private UserService userService;
@Autowired
private RoleService roleService;
@Autowired
private UserRoleService userRoleService;
@Autowired
private MailPluginService mailPluginService;
@Transactional
@Override
protected void onInit() throws BricketServiceException {
userService.init();
roleService.init();
userRoleService.init();
mailPluginService.init();
log.info("user service initialized");
}
@Override
public UserDetails loadUserByUsername(String email) {
final User user = userService.loadUserByEmail(email);
if (user == null) {
throw new UsernameNotFoundException("no user for email: " + email);
}
return new UserDetailsImpl(user, userRoleService.loadRolesByUser(user));
}
@Override
@Transactional
public void signupUser(User user) throws BricketServiceException {
signupUser(user, false);
}
@Override
@Transactional
public void signupUser(User user, boolean sendActivationMail) throws BricketServiceException {
signupUser(user, sendActivationMail, Collections.<String> emptyList());
}
@Override
@Transactional
public void signupUser(User user, boolean sendActivationMail, List<String> roles) throws BricketServiceException {
try {
User u = userService.saveUser(user);
log.debug("signup user: {}", u);
userRoleService.assignRoles(user, roles);
if (sendActivationMail) {
try {
mailPluginService.sendSignupMail(u);
} catch (BricketServiceException e) {
throw new AuthenticationServiceException(
AuthenticationServiceException.AUTHENTICATION_SERVICE_SIGNUP_FAILED, e);
}
} else {
activateUser(u);
}
} catch (BricketServiceException e) {
throw new AuthenticationServiceException(
AuthenticationServiceException.AUTHENTICATION_SERVICE_SIGNUP_FAILED, e);
}
}
@Override
public User authenticateUser(String email, String password) throws BricketServiceException {
try {
Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(
email, password));
SecurityContextHolder.getContext().setAuthentication(authentication);
if (authentication.isAuthenticated() && authentication.getPrincipal() instanceof UserDetailsImpl) {
User user = ((UserDetailsImpl) authentication.getPrincipal()).getUser();
log.debug("authenticated user: {}", user);
return user;
}
throw new AuthenticationServiceException(
AuthenticationServiceException.AUTHENTICATION_SERVICE_AUTHENTICATION_FAILED);
} catch (DisabledException de) {
throw new AuthenticationServiceException(
AuthenticationServiceException.AUTHENTICATION_SERVICE_USER_DISABLED, de);
} catch (LockedException le) {
throw new AuthenticationServiceException(AuthenticationServiceException.AUTHENTICATION_SERVICE_USER_LOCKED,
le);
} catch (BadCredentialsException bce) {
throw new AuthenticationServiceException(
AuthenticationServiceException.AUTHENTICATION_SERVICE_BAD_CREDENTIALS, bce);
} catch (AuthenticationException ae) {
throw new AuthenticationServiceException(
AuthenticationServiceException.AUTHENTICATION_SERVICE_AUTHENTICATION_FAILED, ae);
} catch (RuntimeException re) {
throw new AuthenticationServiceException(
AuthenticationServiceException.AUTHENTICATION_SERVICE_AUTHENTICATION_FAILED, re);
}
}
@Override
@Transactional
public void activateUser(String email, String activationKey) throws BricketServiceException {
activateUser(userService.loadUserByEmailAndActivationKey(email, activationKey));
}
private void activateUser(User user) throws BricketServiceException {
if (user != null && !user.isEnabled()) {
try {
user.setEnabled(true);
userService.saveUser(user);
log.debug("activated user: {}", user);
return;
} catch (BricketServiceException bse) {
throw new AuthenticationServiceException(
AuthenticationServiceException.AUTHENTICATION_SERVICE_ACTIVATION_FAILED, bse);
}
}
throw new AuthenticationServiceException(
AuthenticationServiceException.AUTHENTICATION_SERVICE_ACTIVATION_FAILED);
}
@Override
public List<GrantedAuthority> getAllAuthorities() {
ArrayList<GrantedAuthority> res = new ArrayList<GrantedAuthority>();
List<Role> roles = roleService.loadAllRoles();
for (Role role : roles) {
res.add(new GrantedAuthorityImpl(role.getName()));
}
return res;
}
@Override
public GrantedAuthority getGrantedAuthorityByID(String name) {
return new GrantedAuthorityImpl(roleService.loadRoleByName(name).getName());
}
}