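/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package b4f.seguridad;

import b4f.modelos.Usuario;
import b4f.util.JwtToken;
import b4f.config.PersistenceManager;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.persistence.EntityManager;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Sha1Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;

/**
 * Shiro realm that resolves users through {@code UsersManager}.
 *
 * <p>Authentication accepts a {@link JwtToken} (validated via {@code JwtToken#validar()})
 * and, when called directly, a {@link UsernamePasswordToken}. The stored password value
 * returned by {@code Usuario#getPassword()} is handed to Shiro as the credential, so
 * the realm's {@link HashedCredentialsMatcher} performs the actual comparison.
 * Role lookup is not implemented yet; every authenticated user gets an empty role set.
 *
 * @author snoopdave
 */
public class ShiroAuthorizingRealm extends AuthorizingRealm {

    private static final Logger LOG = Logger.getLogger(ShiroAuthorizingRealm.class.getName());

    /**
     * Creates the realm, names it and installs the credentials matcher.
     */
    public ShiroAuthorizingRealm() {
        setName("ShiroAuthorizingRealm");
        // NOTE(review): unsalted SHA-1 is a weak password hash. Moving to a salted,
        // iterated algorithm requires re-hashing the stored credentials, so the
        // matcher is left as-is here rather than changed unilaterally.
        setCredentialsMatcher(new HashedCredentialsMatcher(Sha1Hash.ALGORITHM_NAME));
        LOG.fine("ShiroAuthorizingRealm()");
    }

    /**
     * Resolves the account behind {@code authToken}.
     *
     * @param authToken a {@link JwtToken} or a {@link UsernamePasswordToken}
     * @return authentication info whose principal is the user name and whose
     *         credential is the stored password value
     * @throws AuthenticationException if the token is empty, invalid, of an
     *         unsupported type, or the user cannot be found or looked up
     */
    @Override
    public AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authToken)
            throws AuthenticationException {
        LOG.fine("ShiroAuthorizingRealm.doGetAuthenticationInfo()");
        // Login with a JWT token.
        if (authToken instanceof JwtToken) {
            return authenticateWithJwt((JwtToken) authToken);
        }
        // Fail with an authentication error instead of a ClassCastException / NPE
        // for tokens this realm does not understand.
        if (!(authToken instanceof UsernamePasswordToken)) {
            String type = authToken == null ? "null" : authToken.getClass().getName();
            throw new AuthenticationException("Unsupported token type: " + type);
        }
        return authenticateWithPassword((UsernamePasswordToken) authToken);
    }

    /**
     * Handles the JWT branch of {@link #doGetAuthenticationInfo(AuthenticationToken)}.
     */
    private AuthenticationInfo authenticateWithJwt(JwtToken jwt) throws AuthenticationException {
        String rawToken = jwt.getToken();
        if (rawToken == null || rawToken.isEmpty()) {
            throw new AuthenticationException("Token invalido.");
        }
        if (!jwt.validar()) {
            throw new AuthenticationException("Token invalido.");
        }
        Usuario user;
        try {
            user = UsersManager.getUser(jwt.getUser());
        } catch (Exception ex) {
            LOG.log(Level.SEVERE, "Error looking up user for JWT", ex);
            // Keep the cause; the raw message alone loses the stack and may leak internals.
            throw new AuthenticationException("Error looking up user for token", ex);
        }
        // Explicit null check instead of relying on an NPE being caught above.
        if (user == null) {
            throw new AuthenticationException("User not found: " + jwt.getUser());
        }
        // NOTE(review): the stored password value is the credential, so the realm's
        // HashedCredentialsMatcher still compares it with jwt.getCredentials();
        // confirm JwtToken supplies a matching credential or override assertCredentialsMatch.
        return new SimpleAuthenticationInfo(user.getUsuario(), user.getPassword(), getName());
    }

    /**
     * Handles the user-name/password branch of
     * {@link #doGetAuthenticationInfo(AuthenticationToken)}.
     */
    private AuthenticationInfo authenticateWithPassword(UsernamePasswordToken token)
            throws AuthenticationException {
        String username = token.getUsername();
        Usuario user;
        try {
            user = UsersManager.getUser(username);
        } catch (Exception ex) {
            LOG.log(Level.SEVERE, "Error looking up user " + username, ex);
            throw new AuthenticationException("Usuario '" + username + "' no encontrado", ex);
        }
        if (user == null) {
            LOG.warning("Usuarioname not found: " + username);
            throw new AuthenticationException("User not found: " + username);
        }
        // Only the principal is logged; the stored credential must never reach the log.
        LOG.fine("Returning user " + user.getUsuario());
        return new SimpleAuthenticationInfo(user.getUsuario(), user.getPassword(), getName());
    }

    /**
     * Builds the role set for the first principal this realm contributed.
     *
     * @param principals principals of the authenticated subject
     * @return authorization info (currently always with an empty role set), or
     *         {@code null} when no principal from this realm is present
     * @throws RuntimeException if the user cannot be looked up or does not exist
     */
    @Override
    public AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        LOG.fine("ShiroAuthorizingRealm.doGetAuthorizationInfo()");
        Collection<?> ownPrincipals = principals.fromRealm(getName());
        if (ownPrincipals == null || ownPrincipals.isEmpty()) {
            // No principal from this realm: returning null is the fail-closed answer
            // (no roles, no permissions) rather than a NoSuchElementException.
            return null;
        }
        String userName = (String) ownPrincipals.iterator().next();
        Usuario user;
        try {
            user = UsersManager.getUser(userName);
        } catch (Exception ex) {
            throw new RuntimeException("Error looking up user " + userName, ex);
        }
        if (user == null) {
            throw new RuntimeException("Usuarioname not found: " + userName);
        }
        // TODO IMPLEMENTAR ROLES: roles are not loaded yet (e.g. umgr.getRoles(user)),
        // so every authenticated user currently receives an empty role set.
        List<String> roles = new ArrayList<>();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        for (String role : roles) {
            info.addRole(role);
        }
        LOG.fine("Returning " + roles.size() + " roles for user " + userName + " roles= " + roles);
        return info;
    }

    /**
     * Accepts only {@link JwtToken}s. Shiro therefore never routes a
     * {@link UsernamePasswordToken} to this realm; the password branch of
     * {@link #doGetAuthenticationInfo(AuthenticationToken)} is reachable only
     * by direct callers unless this method is widened.
     */
    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof JwtToken;
    }
}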