org.apigw.authserver.svc.encrypted.EncryptedAuthorizationCodeServices.java Source code

Java tutorial

  1. HOME
  2. Java
  3. org.apigw.authserver.svc.encrypted.EncryptedAuthorizationCodeServices.java

Introduction

Here is the source code for org.apigw.authserver.svc.encrypted.EncryptedAuthorizationCodeServices.java

Source

/**
 *   Copyright 2013 Stockholm County Council
 *
 *   This file is part of APIGW
 *
 *   APIGW is free software; you can redistribute it and/or modify
 *   it under the terms of version 2.1 of the GNU Lesser General Public
 *   License as published by the Free Software Foundation.
 *
 *   APIGW is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *   GNU Lesser General Public License for more details.
 *
 *   You should have received a copy of the GNU Lesser General Public
 *   License along with APIGW; if not, write to the
 *   Free Software Foundation, Inc., 59 Temple Place, Suite 330,
 *   Boston, MA 02111-1307  USA
 *
 */
package org.apigw.authserver.svc.encrypted;

import org.apigw.authserver.api.SimpleAuthentication;
import org.apigw.authserver.svc.AbstractAuthorizationTokenService;
import org.apigw.commons.crypto.Encrypter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;

import java.util.Collections;

/**
 * Implementation of authorization code services that stores the codes and authentication in memory 
 * with an expiration time set
 * 
 * @author Albert rwall
 */
public class EncryptedAuthorizationCodeServices extends AbstractAuthorizationTokenService {

    private static final Logger log = LoggerFactory.getLogger(EncryptedAuthorizationCodeServices.class);
    private Encrypter encrypter;

    @Override
    public String createAuthorizationCode(AuthorizationRequestHolder authentication) {
        log.debug("createAuthorizationCode");
        UserDetails userDetails = (UserDetails) authentication.getUserAuthentication().getPrincipal();
        String encryptedUsername = encrypter.encrypt(userDetails.getUsername());

        User secureUser = new User(encryptedUsername, "",
                Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER")));
        SimpleAuthentication auth = new SimpleAuthentication(secureUser);

        AuthorizationRequestHolder secureAuth = new AuthorizationRequestHolder(
                authentication.getAuthenticationRequest(), auth);
        return getAuthorizationCodeServices().createAuthorizationCode(secureAuth);
    }

    /**
     * @param encrypter the encrypter to set
     */
    public void setEncrypter(Encrypter encrypter) {
        this.encrypter = encrypter;
    }
}