package eu.eudat.security;
import java.util.ArrayList;
import javax.naming.NameAlreadyBoundException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;
import eu.eudat.dao.entities.UserInfoDao;
import eu.eudat.entities.UserInfo;
import eu.eudat.exceptions.NonValidTokenException;
import eu.eudat.security.validators.GoogleTokenValidator;
import eu.eudat.security.validators.NativeTokenValidator;
import eu.eudat.security.validators.TokenValidator;
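/**
 * Authentication provider that validates a token carried in the credentials of the incoming
 * {@link Authentication} and, on success, returns an authenticated token whose principal is
 * the ID of the resolved {@link UserInfo}.
 *
 * <p>The principal of the incoming object is compared against the header-field constants of
 * {@code TokenAuthenticationFilter} to decide which {@link TokenValidator} handles the token.
 * Every failure path throws {@link AuthenticationServiceException}; no path returns an
 * authenticated object without a successful validation.
 */
@Component
public class CustomAuthenticationProvider implements AuthenticationProvider {

    // Injected but not referenced anywhere in this class.
    @Autowired private UserInfoDao userInfoDao;

    @Autowired private GoogleTokenValidator googleTokenValidator;
    @Autowired private NativeTokenValidator nativeTokenValidator;

    /**
     * Validates the token held in {@code authentication.getCredentials()}.
     *
     * @param authentication request object whose principal names the token header field and
     *     whose credentials hold the token itself
     * @return an authenticated {@link UsernamePasswordAuthenticationToken} with the UserInfo ID
     *     as principal, the original credentials, and an empty authority list
     * @throws AuthenticationException (always an {@link AuthenticationServiceException}) when
     *     {@code authentication} is null, the header field is not recognised, the credentials
     *     are not a string, the validator rejects the token, or the validator returns no user
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (authentication == null) {
            throw new AuthenticationServiceException("Authentication failed");
        }

        // The principal carries the name of the header the token arrived in; it selects the validator.
        Object headerField = authentication.getPrincipal();
        TokenValidator tokenValidator;
        if (TokenAuthenticationFilter.HEADER_GOOGLE_TOKEN_FIELD.equals(headerField)) {
            tokenValidator = googleTokenValidator;
        } else if (TokenAuthenticationFilter.HEADER_NATIVE_TOKEN_FIELD.equals(headerField)) {
            tokenValidator = nativeTokenValidator;
        } else {
            throw new AuthenticationServiceException("The appropriate http headers have not been set. Please check!");
        }

        // Fail closed on a missing or non-string credential instead of letting a
        // ClassCastException escape or handing null to the validator.
        Object credentials = authentication.getCredentials();
        if (!(credentials instanceof String)) {
            throw new AuthenticationServiceException("Token validation failed - Not a valid token");
        }
        String token = (String) credentials;

        UserInfo userInfo;
        try {
            userInfo = tokenValidator.validateToken(token);
        } catch (NonValidTokenException e) {
            // NOTE(review): this goes to stdout rather than a logger; confirm the validators never
            // put token material into the exception message before it is written out.
            System.out.println("Could not validate a user by his token! Reason: " + e.getMessage());
            // Keep the cause so the failure can be diagnosed from the exception chain.
            throw new AuthenticationServiceException("Token validation failed - Not a valid token", e);
        }

        // A validator that returns no user must not lead to an authenticated result (or an NPE below).
        if (userInfo == null) {
            throw new AuthenticationServiceException("Token validation failed - Not a valid token");
        }

        // Validation succeeded: the principal becomes the UserInfo ID, which the web-service calls
        // rely on. The three-argument constructor marks the token as authenticated.
        // NOTE(review): the raw token is kept as the credentials of the returned object, and the
        // authority list is empty, so no roles are granted here - confirm both are intended.
        return new UsernamePasswordAuthenticationToken(userInfo.getId(), authentication.getCredentials(), new ArrayList<>());
    }

    /**
     * Reports whether this provider handles the given authentication class.
     *
     * @param authentication the class of the authentication object being offered
     * @return {@code true} only for exactly {@link UsernamePasswordAuthenticationToken};
     *     subclasses and {@code null} yield {@code false}
     */
    @Override
    public boolean supports(Class<?> authentication) {
        // Constant on the left keeps the comparison null-safe.
        return UsernamePasswordAuthenticationToken.class.equals(authentication);
    }

}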