List of usage examples for org.springframework.security.core Authentication getClass
/**
 * Signature of {@code java.lang.Object#getClass()}, which every {@code Authentication}
 * implementation inherits. It returns the runtime class of the receiver.
 *
 * <p>The method is {@code final}, so a token class cannot override it to report another type.
 * The runtime class only identifies which token implementation is in hand; it carries no
 * information about whether that token has been authenticated.
 */
@HotSpotIntrinsicCandidate public final native Class<?> getClass();
From source file:com.cpst.postal.settlement.user.security.CustomProviderManager.java
/**
 * Tries to authenticate the supplied {@link Authentication} request.
 * <p>
 * Providers returned by {@code getProviders()} are consulted in order. A provider is only asked
 * to authenticate when it reports that it supports the runtime class of the request. The first
 * provider that returns a non-null result decides the outcome; later providers are not tried.
 * <p>
 * If no provider produced a result and a parent manager is configured, the parent is given one
 * attempt with the same request.
 *
 * @param authentication the authentication request object.
 *
 * @return a fully authenticated object including credentials.
 *
 * @throws AuthenticationException if authentication fails.
 */
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    // Provider selection is driven purely by the runtime class of the request token.
    final Class<? extends Authentication> requestType = authentication.getClass();
    final boolean debugEnabled = logger.isDebugEnabled();
    AuthenticationException failure = null;
    Authentication outcome = null;

    for (AuthenticationProvider candidate : getProviders()) {
        if (candidate.supports(requestType)) {
            if (debugEnabled) {
                logger.debug("Authentication attempt using " + candidate.getClass().getName());
            }

            try {
                outcome = candidate.authenticate(authentication);

                if (outcome != null) {
                    copyDetails(authentication, outcome);
                    break;
                }
            } catch (AccountStatusException statusProblem) {
                prepareException(statusProblem, authentication);
                // SEC-546: an invalid account status is final; do not poll further providers,
                // otherwise a later provider could accept an account an earlier one rejected.
                throw statusProblem;
            } catch (AuthenticationException rejected) {
                // Remember the most recent failure and let the next supporting provider try.
                failure = rejected;
            }
        }
    }

    if (outcome == null && parent != null) {
        // Allow the parent to try.
        try {
            outcome = parent.authenticate(authentication);
        } catch (ProviderNotFoundException ignored) {
            // Deliberately ignored: the parent may report "no provider" even though a provider
            // in this manager already handled (and rejected) the request. The failure path
            // below still throws if nothing succeeded.
        } catch (AuthenticationException rejectedByParent) {
            failure = rejectedByParent;
        }
    }

    if (outcome == null) {
        // Parent was null, or didn't authenticate (or throw an exception).
        if (failure == null) {
            failure = new ProviderNotFoundException(messages.getMessage("ProviderManager.providerNotFound",
                    new Object[] { requestType.getName() }, "No AuthenticationProvider found for {0}"));
        }

        prepareException(failure, authentication);

        throw failure;
    }

    if (eraseCredentialsAfterAuthentication && (outcome instanceof CredentialsContainer)) {
        // Authentication is complete. Remove credentials and other secret data from the result.
        // Only the returned object is cleared here; the request object passed in is not touched.
        ((CredentialsContainer) outcome).eraseCredentials();
    }

    eventPublisher.publishAuthenticationSuccess(outcome);
    return outcome;
}
From source file:org.keycloak.adapters.springsecurity.client.KeycloakClientRequestFactory.java
/**
 * Returns the {@link KeycloakSecurityContext} from the Spring {@link SecurityContextHolder}'s
 * {@link Authentication}.
 *
 * @return the current <code>KeycloakSecurityContext</code>
 * @throws IllegalStateException if the security context holds no authentication, or holds one
 *         that is not a {@link KeycloakAuthenticationToken}
 */
protected KeycloakSecurityContext getKeycloakSecurityContext() {
    final Authentication current = SecurityContextHolder.getContext().getAuthentication();

    if (current == null) {
        throw new IllegalStateException(
                "Cannot set authorization header because there is no authenticated principal");
    }

    // Fail closed on any other token type rather than attempting a blind cast.
    if (!(current instanceof KeycloakAuthenticationToken)) {
        throw new IllegalStateException(String.format(
                "Cannot set authorization header because Authentication is of type %s but %s is required",
                current.getClass(), KeycloakAuthenticationToken.class));
    }

    // NOTE(review): getAccount() is dereferenced without a null check; confirm it cannot be null
    // for a token that reached the security context.
    return ((KeycloakAuthenticationToken) current).getAccount().getKeycloakSecurityContext();
}
From source file:org.mitre.oauth2.model.SavedUserAuthentication.java
/** * Create a Saved Auth from an existing Auth token */// w w w . j a v a2 s. c om public SavedUserAuthentication(Authentication src) { setName(src.getName()); setAuthorities(src.getAuthorities()); setAuthenticated(src.isAuthenticated()); if (src instanceof SavedUserAuthentication) { // if we're copying in a saved auth, carry over the original class name setSourceClass(((SavedUserAuthentication) src).getSourceClass()); } else { setSourceClass(src.getClass().getName()); } }
From source file:nl.surfnet.coin.api.oauth.ClientMetaDataTokenEnhancer.java
/**
 * Attaches the client's metadata to the user authentication inside {@code authentication}.
 *
 * <p>The access token itself is returned unchanged. The metadata is only attached when the
 * client details are {@code OpenConextClientDetails} and the user authentication is a
 * {@code SAMLAuthenticationToken}. A missing user authentication is logged and skipped; any
 * other user authentication type is rejected with an exception.
 *
 * @param accessToken the token being issued; returned as-is
 * @param authentication the OAuth2 authentication whose user authentication may be enriched
 * @return {@code accessToken}
 * @throws RuntimeException if a user authentication is present but is not a
 *         {@code SAMLAuthenticationToken}
 */
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
    final String clientId = authentication.getAuthorizationRequest().getClientId();
    final ClientDetails client = clientDetailsService.loadClientByClientId(clientId);

    if (!(client instanceof OpenConextClientDetails)) {
        return accessToken;
    }

    final ClientMetaData metaData = ((OpenConextClientDetails) client).getClientMetaData();
    final Authentication user = authentication.getUserAuthentication();

    if (user == null) {
        LOG.debug("We are doing client credentials, token will not be enhanced with user authentication");
    } else if (user instanceof SAMLAuthenticationToken) {
        ((SAMLAuthenticationToken) user).setClientMetaData(metaData);
    } else {
        // Unknown token types are refused rather than silently issued without metadata.
        // 'user' is known to be non-null in this branch.
        throw new RuntimeException("The userAuthentication is of the type '" + user.getClass()
                + "'. Required is a (sub)class of SAMLAuthenticationToken");
    }

    /*
     * Part of the method contract. We did however change the
     * OAuth2Authentication and that is stored as a blob in the database, so the
     * metadata is accessible later on when checking for ACL's against the SP
     */
    return accessToken;
}
From source file:org.brekka.pegasus.core.services.impl.EventServiceImpl.java
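/**
 * Fills in the audit fields of a {@link RemoteUserEvent} from the current security context.
 *
 * <p>Sets the initiation time to now, copies the on-behalf-of address, remote address and user
 * agent from the authentication's {@link WebAuthenticationDetails}, and attaches the current
 * member when {@code memberService} reports one.
 *
 * @param remoteUserEvent the event to populate
 * @throws IllegalStateException if the security context holds no authentication, or if the
 *         authentication's details are not {@link WebAuthenticationDetails}
 */
protected void populate(final RemoteUserEvent remoteUserEvent) {
    remoteUserEvent.setInitiated(new Date());

    final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null) {
        // Without this guard an unauthenticated call fails with a bare NullPointerException on
        // getDetails(); report it the same way as the missing-details case below.
        throw new IllegalStateException("No authentication found in the security context");
    }

    final Object details = authentication.getDetails();
    if (!(details instanceof WebAuthenticationDetails)) {
        // NOTE(review): the message embeds the principal's toString(); confirm that
        // representation is safe to appear in logs and error responses.
        throw new IllegalStateException(
                String.format("No web authentication details found in authentication %s, principal: %s",
                        authentication.getClass().getName(), authentication.getPrincipal()));
    }

    final WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details;
    // NOTE(review): the on-behalf-of address and user agent are presumably taken from request
    // headers; if so they are client-supplied and should be treated as unverified in audit
    // records. Confirm how WebAuthenticationDetails populates them.
    remoteUserEvent.setOnBehalfOfAddress(webDetails.getOnBehalfOfAddress());
    remoteUserEvent.setRemoteAddress(webDetails.getRemoteAddress());
    remoteUserEvent.setUserAgent(webDetails.getUserAgent());

    final MemberContext current = memberService.getCurrent();
    if (current != null) {
        remoteUserEvent.setMember(current.getMember());
    }
}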
From source file:com.formkiq.core.service.SpringSecurityService.java
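/**
 * Resolves the client id for the authentication in the current security context.
 *
 * <p>For an {@link OAuth2Authentication} the id comes from the OAuth2 request; for a
 * {@link UsernamePasswordAuthenticationToken} it is read from the user record looked up by the
 * authentication's name. Every other case is rejected.
 *
 * @return the client id of the current caller
 * @throws UnsupportedOperationException if there is no authentication in the security context,
 *         or it is of an unsupported type
 */
public String getClientId() {
    final Authentication auth = SecurityContextHolder.getContext().getAuthentication();

    if (auth == null) {
        // Previously a missing authentication fell through to auth.getClass() and surfaced as a
        // NullPointerException; reject it explicitly like any other unsupported case.
        throw new UnsupportedOperationException("No Authentication present in the SecurityContext");
    }

    if (auth instanceof OAuth2Authentication) {
        return ((OAuth2Authentication) auth).getOAuth2Request().getClientId();
    }

    if (auth instanceof UsernamePasswordAuthenticationToken) {
        final User user = this.userDao.findUser(auth.getName());
        // NOTE(review): findUser's result for an unknown name is not visible here; if it can
        // return null this line throws NullPointerException. That still fails closed, but an
        // explicit error would be clearer. Confirm against the DAO.
        return user.getClientid();
    }

    throw new UnsupportedOperationException(auth.getClass().getName() + " is not supported");
}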
From source file:sk.lazyman.gizmo.security.GizmoAuthProvider.java
/**
 * Authenticates the request against LDAP and maps the result to a local user.
 *
 * <p>The LDAP bind authenticator is called first. The local user is then looked up by principal
 * name and created from the LDAP entry when no local record exists. A disabled local user is
 * rejected.
 *
 * @param authentication the request; its principal is expected to be a {@code String}
 * @return a {@link UsernamePasswordAuthenticationToken} carrying a {@code GizmoPrincipal}, its
 *         authorities and no credentials
 * @throws AuthenticationException if the user is disabled, or (presumably) when the LDAP bind
 *         is refused by {@code ldapBindAuthenticator}
 */
private Authentication authenticateUsingLdap(Authentication authentication) throws AuthenticationException {
    final String username = (String) authentication.getPrincipal();
    // The bind runs before any local lookup or provisioning; presumably it throws on failure, so
    // createUser is only reached for a request the directory accepted. TODO confirm.
    final DirContextOperations ldapEntry = ldapBindAuthenticator.authenticate(authentication);

    User account = userRepository.findUserByName(username);
    if (account == null) {
        // First successful LDAP login for this name: create the local record from the entry.
        account = createUser(ldapEntry, username);
    }

    if (!account.isEnabled()) {
        // Reported as bad credentials, so the response does not separately signal that the
        // account exists but is disabled.
        throw new BadCredentialsException("GizmoAuthenticationProvider.userDisabled");
    }

    final GizmoPrincipal resolved = new GizmoPrincipal(account);

    // Logs principal name, token type and authorities only; no credentials are written.
    LOGGER.debug("User '{}' authenticated ({}), authorities: {}", new Object[] { authentication.getPrincipal(),
            authentication.getClass().getSimpleName(), resolved.getAuthorities() });

    // Credentials are passed as null, so the password is not carried in the returned token.
    return new UsernamePasswordAuthenticationToken(resolved, null, resolved.getAuthorities());
}
From source file:com.sitewhere.security.SitewhereAuthenticationProvider.java
/**
 * Authenticates a request against SiteWhere user management.
 *
 * <p>A {@link UsernamePasswordAuthenticationToken} is verified through
 * {@code getUserManagement().authenticate(username, password)} and converted into a
 * {@code SitewhereAuthentication} that carries the user's granted authorities. An input that
 * already is a {@code SitewhereAuthentication} is returned unchanged. Anything else is rejected.
 *
 * @param input the authentication request
 * @return the resulting authentication
 * @throws AuthenticationException {@code BadCredentialsException} when SiteWhere reports an
 *         error, {@code AuthenticationServiceException} for an unsupported input type
 */
public Authentication authenticate(Authentication input) throws AuthenticationException {
    if (input instanceof UsernamePasswordAuthenticationToken) {
        try {
            final String username = (String) input.getPrincipal();
            final String password = (String) input.getCredentials();
            final IUser user = SiteWhereServer.getInstance().getUserManagement().authenticate(username, password);
            final List<IGrantedAuthority> auths = SiteWhereServer.getInstance().getUserManagement()
                    .getGrantedAuthorities(user.getUsername());
            final SitewhereUserDetails details = new SitewhereUserDetails(user, auths);
            // NOTE(review): the plaintext password is handed to the returned authentication;
            // confirm it is erased after authentication or never serialized or logged.
            return new SitewhereAuthentication(details, password);
        } catch (SiteWhereException e) {
            // Every SiteWhere failure is reported as bad credentials; the cause is preserved.
            throw new BadCredentialsException("Unable to authenticate.", e);
        }
    }

    if (input instanceof SitewhereAuthentication) {
        // NOTE(review): an existing SitewhereAuthentication is trusted and returned without any
        // re-verification; confirm that only this provider can create such instances.
        return input;
    }

    throw new AuthenticationServiceException("Unknown authentication: " + input.getClass().getName());
}
From source file:nl.surfnet.coin.api.oauth.ClientMetaDataPreAuthenticatedGrantedAuthoritiesUserDetailsService.java
/**
 * Builds the {@link UserDetails} for a pre-authenticated token.
 *
 * <p>The token must be a {@code PreAuthenticatedAuthenticationToken} whose principal is a
 * {@code ClientMetaDataPrincipal}; both conditions are enforced and any other input is rejected
 * with an exception rather than mapped to a default user.
 *
 * @param token the pre-authenticated token
 * @param authorities the authorities to grant to the created user
 * @return a {@code ClientMetaDataUser} carrying the principal's client metadata
 * @throws RuntimeException if the token or its principal has an unexpected type (or is null)
 */
@Override
protected UserDetails createuserDetails(Authentication token,
        Collection<? extends GrantedAuthority> authorities) {
    if (!(token instanceof PreAuthenticatedAuthenticationToken)) {
        throw new RuntimeException("The token is of the type '" + (token != null ? token.getClass() : "null")
                + "'. Required is a (sub)class of PreAuthenticatedAuthenticationToken");
    }

    final Object principal = ((PreAuthenticatedAuthenticationToken) token).getPrincipal();
    if (!(principal instanceof ClientMetaDataPrincipal)) {
        throw new RuntimeException(
                "The principal on the PreAuthenticatedAuthenticationToken is of the type '"
                        + (principal != null ? principal.getClass() : "null")
                        + "'. Required is a (sub)class of ClientMetaDataPrincipal");
    }

    // "N/A" stands in for a password: the token is pre-authenticated, so none is available here.
    // The four 'true' arguments are presumably the enabled / non-expired / non-locked account
    // flags; verify against the ClientMetaDataUser constructor.
    return new ClientMetaDataUser(token.getName(), "N/A", true, true, true, true, authorities,
            ((ClientMetaDataPrincipal) principal).getClientMetaData());
}