You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
55 lines
2.5 KiB
Java
55 lines
2.5 KiB
Java
package eu.eudat.handlers;
|
|
|
|
import eu.eudat.exceptions.security.UnauthorisedException;
|
|
import eu.eudat.models.security.Principal;
|
|
import eu.eudat.security.claims.ClaimedAuthorities;
|
|
import eu.eudat.services.operations.AuthenticationService;
|
|
import eu.eudat.services.operations.AuthenticationServiceImpl;
|
|
import eu.eudat.types.Authorities;
|
|
import org.springframework.core.MethodParameter;
|
|
import org.springframework.web.bind.support.WebDataBinderFactory;
|
|
import org.springframework.web.context.request.NativeWebRequest;
|
|
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
|
|
import org.springframework.web.method.support.ModelAndViewContainer;
|
|
|
|
import java.lang.annotation.Annotation;
|
|
import java.util.Arrays;
|
|
import java.util.List;
|
|
import java.util.Optional;
|
|
import java.util.UUID;
|
|
|
|
|
|
public final class PrincipalArgumentResolver implements HandlerMethodArgumentResolver {
|
|
|
|
private AuthenticationService authenticationService;
|
|
|
|
@Override
|
|
public boolean supportsParameter(MethodParameter methodParameter) {
|
|
return methodParameter.getParameterType().equals(Principal.class);
|
|
}
|
|
|
|
@Override
|
|
public Object resolveArgument(MethodParameter methodParameter, ModelAndViewContainer modelAndViewContainer, NativeWebRequest nativeWebRequest, WebDataBinderFactory webDataBinderFactory) throws Exception {
|
|
String token = nativeWebRequest.getHeader("AuthToken");
|
|
Optional<Annotation> claimsAnnotation = Arrays.stream(methodParameter.getParameterAnnotations()).filter(annotation -> annotation.annotationType().equals(ClaimedAuthorities.class)).findAny();
|
|
List<Authorities> claimList = claimsAnnotation.map(annotation -> Arrays.asList(((ClaimedAuthorities) annotation).claims())).orElse(Authorities.all());
|
|
if (token == null) throw new UnauthorisedException("Authentication Information Is Missing");
|
|
UUID authToken;
|
|
try {
|
|
authToken = UUID.fromString(token);
|
|
} catch (IllegalArgumentException ex) {
|
|
throw new UnauthorisedException("Authentication Information Is Missing");
|
|
}
|
|
|
|
Principal principal = this.authenticationService.Touch(authToken);
|
|
if (principal == null) throw new UnauthorisedException("Authentication Information Missing");
|
|
if (!principal.isAuthorized(claimList))
|
|
throw new UnauthorisedException("You are not Authorized For this Action");
|
|
return principal;
|
|
}
|
|
|
|
public PrincipalArgumentResolver(AuthenticationService authenticationService) {
|
|
this.authenticationService = authenticationService;
|
|
}
|
|
|
|
} |