Java tutorial
/* * Copyright 2017 Danish Maritime Authority. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package net.maritimecloud.identityregistry.security; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.stereotype.Component; import java.util.ArrayList; import java.util.List; /*import net.maritimecloud.identityregistry.services.OrganizationService; import net.maritimecloud.identityregistry.model.database.Organization;*/ /* * NOT USED!!! */ @Component public class MCAuthenticationProvider implements AuthenticationProvider { private static final Logger logger = LoggerFactory.getLogger(MCAuthenticationProvider.class); /* private OrganizationService organizationService; @Autowired public void setOrganizationService(OrganizationService organizationService) { this.organizationService = organizationService; }*/ @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { String name = authentication.getName(); String password = authentication.getCredentials().toString(); logger.debug("In authenticate"); // The login name is the org shortname // Organization org = this.organizationService.getOrganizationByShortName(name); // if an org was found, test the password // if (org != null && (new BCryptPasswordEncoder().matches(password, org.getPasswordHash()))) { if (!password.isEmpty()) { List<GrantedAuthority> grantedAuths = new ArrayList<>(); grantedAuths.add(new SimpleGrantedAuthority("ROLE_ADMIN")); grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER")); Authentication auth = new UsernamePasswordAuthenticationToken(name, authentication.getCredentials(), grantedAuths); logger.debug("Got authenticated: " + auth.isAuthenticated()); return auth; } else { logger.debug("Didn't get authenticated"); throw new BadCredentialsException("Bad Credentials"); } } @Override public boolean supports(Class<?> authentication) { return authentication.equals(UsernamePasswordAuthenticationToken.class); } }