CredentialLevelResolver.java

package org.picketlink.authentication.levels.internal;

import org.picketlink.Identity;
import org.picketlink.annotations.PicketLink;
import org.picketlink.authentication.levels.Level;
import org.picketlink.authentication.levels.SecurityLevelResolver;
import org.picketlink.authentication.levels.annotations.SecurityLevel;
import org.picketlink.common.exceptions.PicketLinkException;
import org.picketlink.credential.DefaultLoginCredentials;
import org.picketlink.producer.LevelFactoryResolver;

import javax.enterprise.context.RequestScoped;
import javax.enterprise.inject.Any;
import javax.inject.Inject;

/**
 * Resolves security level from Credentials
 * @author Michal Trnka
 */
@RequestScoped
@PicketLink
public class CredentialLevelResolver implements SecurityLevelResolver {

    @Inject
    DefaultLoginCredentials credentials;

    @Inject
    @Any
    private Identity identity;

    @Inject
    private LevelFactoryResolver levelFactoryResolver;

    protected String getCredentialLevel() {
        if(!identity.isLoggedIn()){
            throw new PicketLinkException();
        }

        if (credentials == null) {
            throw new PicketLinkException();
        }

        Object cred = credentials.getCredential();

        if (cred == null) {
            throw new PicketLinkException();
        }
        return getLevelOfClass(cred);
    }

    private String getLevelOfClass(Object obj) {
        SecurityLevel sl = obj.getClass().getAnnotation(SecurityLevel.class);
        if (sl == null) {
            throw new PicketLinkException();
        }
        return sl.value();
    }

    @Override
    public Level resolve() {
        try{
            String level = getCredentialLevel();
            return levelFactoryResolver.resolve().createLevel(level);
        }catch(PicketLinkException e){
            return null;
        }
    }
}