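package auth;

import auth.models.Token;
import auth.models.User;
import com.avaje.ebean.Ebean;

/**
 * Authenticator for the OAuth2 "password" grant: exchanges a username and
 * password for a freshly persisted {@link Token}.
 *
 * <p>NOTE(review): client authentication and scope handling are commented out
 * in {@link #authenticate(Authentication)}. As written, the only checks are
 * that the user exists, is active, and the password matches. The token is not
 * tied to a client or a scope here. Confirm this is intentional before
 * exposing the endpoint to untrusted clients.
 */
public class OAuth2PasswordAuthenticator extends Authenticator {

    /** Verifies a candidate password against a stored hash. */
    private final PasswordHasher hasher;

    /** Creates an authenticator backed by a default {@link PasswordHasher}. */
    public OAuth2PasswordAuthenticator() {
        hasher = new PasswordHasher();
    }

    /**
     * Attempts a password-grant authentication.
     *
     * @param anAuthentication the authentication request; may be of any grant type
     * @return a newly saved {@link Token} when the user exists, is active and the
     *         password matches; {@code null} when the request is {@code null}, is
     *         not a password grant, is not an {@link OAuth2PasswordAuthentication},
     *         or the credentials are rejected
     */
    @Override
    public Token authenticate(Authentication anAuthentication) {
        // Fail closed on a missing request or a grant type this class does not handle.
        if (anAuthentication == null || GrantType.PASSWORD != anAuthentication.getGrantType()) {
            return null;
        }
        // A request that reports PASSWORD but is not the expected subtype is rejected
        // rather than allowed to surface as a ClassCastException.
        if (!(anAuthentication instanceof OAuth2PasswordAuthentication)) {
            return null;
        }
        OAuth2PasswordAuthentication authentication = (OAuth2PasswordAuthentication) anAuthentication;

        // NOTE(review): client lookup is disabled, so the caller's client_id and
        // client_secret are never checked in this method.
//        Client client = Client.findByClientId(authentication.getClientId());
        User user = User.findByUsername(authentication.getUsername());

        // NOTE(review): validPassword() only runs when the user exists and is active.
        // If the hasher is deliberately slow, unknown or inactive usernames will
        // answer faster than known ones. Consider verifying against a fixed dummy
        // hash on the miss path so both paths cost the same. TODO confirm hasher cost.
        // NOTE(review): no failed-attempt accounting or throttling is visible in this
        // class. Confirm it is enforced by the caller.
        if (user != null && user.isActive
//                && client != null
                && validPassword(authentication.getPassword(), user.passwordHash)
//                && client.validClientSecret(authentication.getClientSecret())
        ) {
            // NOTE(review): the scoped, client-bound constructor is disabled. The token
            // below is created from the user and grant type only.
//            Token token = new Token(generateValidScopesForToken(authentication.getScope(), client), client, user, GrantType.PASSWORD);
            Token token = new Token(user, GrantType.PASSWORD);
            Ebean.save(token);
            return token;
        }
        return null;
    }

    /**
     * Checks a candidate password against a stored hash.
     *
     * @param givenPassword the password supplied by the caller; may be {@code null}
     * @param userHash the stored hash string for the user; may be {@code null}
     * @return {@code true} only when both arguments are non-null and the hasher
     *         accepts the password for that hash
     */
    private boolean validPassword(String givenPassword, String userHash) {
        // A null on either side is a failed match, never an exception.
        if (givenPassword == null || userHash == null) {
            return false;
        }
        return hasher.authenticate(givenPassword, new PasswordHash(userHash));
    }
}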