CustomUserDetailsService.java

/*
 * Copyright 2002-2016 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.springframework.security.samples.openid;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.openid.OpenIDAttribute;
import org.springframework.security.openid.OpenIDAuthenticationToken;

/**
 * Custom UserDetailsService which accepts any OpenID user, "registering" new users in a
 * map so they can be welcomed back to the site on subsequent logins.
 *
 * @author Luke Taylor
 * @since 3.1
 */
public class CustomUserDetailsService implements UserDetailsService,
		AuthenticationUserDetailsService<OpenIDAuthenticationToken> {

	private final Map<String, CustomUserDetails> registeredUsers = new HashMap<String, CustomUserDetails>();

	private static final List<GrantedAuthority> DEFAULT_AUTHORITIES = AuthorityUtils
			.createAuthorityList("ROLE_USER");

	/**
	 * Implementation of {@code UserDetailsService}. We only need this to satisfy the
	 * {@code RememberMeServices} requirements.
	 */
	public UserDetails loadUserByUsername(String id) throws UsernameNotFoundException {
		UserDetails user = registeredUsers.get(id);

		if (user == null) {
			throw new UsernameNotFoundException(id);
		}

		return user;
	}

	/**
	 * Implementation of {@code AuthenticationUserDetailsService} which allows full access
	 * to the submitted {@code Authentication} object. Used by the
	 * OpenIDAuthenticationProvider.
	 */
	public UserDetails loadUserDetails(OpenIDAuthenticationToken token) {
		String id = token.getIdentityUrl();

		CustomUserDetails user = registeredUsers.get(id);

		if (user != null) {
			return user;
		}

		String email = null;
		String firstName = null;
		String lastName = null;
		String fullName = null;

		List<OpenIDAttribute> attributes = token.getAttributes();

		for (OpenIDAttribute attribute : attributes) {
			if (attribute.getName().equals("email")) {
				email = attribute.getValues().get(0);
			}

			if (attribute.getName().equals("firstname")) {
				firstName = attribute.getValues().get(0);
			}

			if (attribute.getName().equals("lastname")) {
				lastName = attribute.getValues().get(0);
			}

			if (attribute.getName().equals("fullname")) {
				fullName = attribute.getValues().get(0);
			}
		}

		if (fullName == null) {
			StringBuilder fullNameBldr = new StringBuilder();

			if (firstName != null) {
				fullNameBldr.append(firstName);
			}

			if (lastName != null) {
				fullNameBldr.append(" ").append(lastName);
			}
			fullName = fullNameBldr.toString();
		}

		user = new CustomUserDetails(id, DEFAULT_AUTHORITIES);
		user.setEmail(email);
		user.setName(fullName);

		registeredUsers.put(id, user);

		user = new CustomUserDetails(id, DEFAULT_AUTHORITIES);
		user.setEmail(email);
		user.setName(fullName);
		user.setNewUser(true);

		return user;
	}
}