io.github.howiefh.jeews.modules.sys.security.realm.StatelessRealm.java Source code


Introduction

Here is the source code for io.github.howiefh.jeews.modules.sys.security.realm.StatelessRealm.java

Source

/**
 * Copyright (c) 2015 https://github.com/howiefh
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 */
package io.github.howiefh.jeews.modules.sys.security.realm;

import io.github.howiefh.jeews.modules.sys.entity.User;
import io.github.howiefh.jeews.modules.sys.entity.User.RolePermission;
import io.github.howiefh.jeews.modules.sys.security.token.JsonWebToken;
import io.github.howiefh.jeews.modules.sys.service.UserService;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

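/**
 * Shiro realm for stateless, token-based requests. It accepts only
 * {@link JsonWebToken} submissions and loads roles and permissions through
 * {@link UserService}.
 *
 * <p>Security note: nothing in this class parses the JWT or checks its signature
 * or expiry. Whether a presented token is genuine is decided entirely by the
 * {@code CredentialsMatcher} configured on this realm, which is not visible here.
 * Confirm that a JWT-verifying matcher is installed before relying on this realm
 * for authentication.
 *
 * @author howiefh
 */
public class StatelessRealm extends AuthorizingRealm {
    @Autowired
    private UserService userService;

    /**
     * Restricts this realm to JWT-based authentication attempts.
     *
     * @param token the submitted authentication token
     * @return {@code true} only when {@code token} is a {@link JsonWebToken}
     */
    @Override
    public boolean supports(AuthenticationToken token) {
        // Only JsonWebToken submissions are handled by this realm.
        return token instanceof JsonWebToken;
    }

    /**
     * Looks up the user named by the primary principal and returns that user's
     * roles and permissions. As a side effect the principal collection is
     * rewritten to hold the loaded {@link User} instead of the user name.
     *
     * @param principals the identity of the subject being authorized
     * @return the user's roles and string permissions, or {@code null} when no
     *         user with that name exists (Shiro then grants nothing)
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // The primary principal is expected to be the user name.
        // NOTE(review): the collection is rewritten below so that its primary
        // principal becomes a User; a later uncached call with the same collection
        // would fail this String cast. Confirm how callers reuse the collection.
        String username = (String) principals.getPrimaryPrincipal();

        User user = userService.findByName(username);
        if (user == null) {
            // Unknown or removed account: fail closed with no authorization data
            // instead of hitting a NullPointerException further down.
            return null;
        }
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

        // Replace the user-name principal with the full User object.
        // Assumes the caller passes a SimplePrincipalCollection; any other
        // implementation fails the cast. TODO confirm.
        SimplePrincipalCollection principalCollection = (SimplePrincipalCollection) principals;
        principalCollection.clear();
        principalCollection.add(user, getName());

        RolePermission rolePermission = user.new RolePermission();
        authorizationInfo.setRoles(rolePermission.getRoleSet());
        authorizationInfo.setStringPermissions(rolePermission.getPermissionSet());
        return authorizationInfo;
    }

    /**
     * Wraps the presented JWT in an {@link AuthenticationInfo} without verifying it.
     *
     * <p>The returned info uses the token string itself as the stored credentials
     * and an empty string as the principal. With an equality-based matcher such as
     * Shiro's default {@code SimpleCredentialsMatcher}, the comparison would
     * presumably succeed for any token, so signature and expiry checks must live in
     * the configured {@code CredentialsMatcher}. Verify against the realm
     * configuration.
     *
     * @param token the submitted token; {@link #supports} ensures it is a {@link JsonWebToken}
     * @return authentication info carrying the raw JWT as credentials
     * @throws AuthenticationException if the token carries no JWT string
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        JsonWebToken jsonWebToken = (JsonWebToken) token;
        String jwt = jsonWebToken.getToken();
        if (jwt == null || jwt.isEmpty()) {
            // Reject requests without a token here rather than handing null or
            // empty credentials to the matcher.
            throw new AuthenticationException("Missing JSON Web Token");
        }
        // NOTE(review): the principal is an empty string, while
        // doGetAuthorizationInfo looks the user up by the primary principal.
        // Something outside this class presumably supplies the user name. Confirm.
        return new SimpleAuthenticationInfo("", jwt, getName());
    }
}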