API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 25th, 2016
102
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.28 KB | None | 0 0
raw download clone embed print report
  1.  
  2. import com.mongodb.DBObject;
  3. import org.springframework.core.convert.converter.Converter;
  4. import org.springframework.data.convert.ReadingConverter;
  5. import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
  6. import org.springframework.security.core.Authentication;
  7. import org.springframework.security.core.GrantedAuthority;
  8. import org.springframework.security.core.authority.SimpleGrantedAuthority;
  9. import org.springframework.security.oauth2.provider.OAuth2Authentication;
  10. import org.springframework.security.oauth2.provider.OAuth2Request;
  11. import us.sdata.enroll.security.CustomUserDetails;
  12.  
  13. import java.util.*;
  14.  
  15. /**
  16. * Converter to deserialize back into an OAuth2Authentication Object made necessary because
  17. * Spring Mongo can't map clientAuthentication to authorizationRequest.
  18. */
  19. @ReadingConverter
  20. public class OAuth2AuthenticationReadConverter implements Converter<DBObject, OAuth2Authentication> {
  21.  
  22. @Override
  23. public OAuth2Authentication convert(DBObject source) {
  24. DBObject storedRequest = (DBObject) source.get("storedRequest");
  25. OAuth2Request oAuth2Request = new OAuth2Request((Map<String, String>) storedRequest.get("requestParameters"),
  26. (String) storedRequest.get("clientId"), null, true, new HashSet((List) storedRequest.get("scope")),
  27. null, null, null, null);
  28.  
  29. DBObject userAuthorization = (DBObject) source.get("userAuthentication");
  30. Object principal = getPrincipalObject(userAuthorization.get("principal"));
  31. Authentication userAuthentication = new UsernamePasswordAuthenticationToken(principal,
  32. userAuthorization.get("credentials"), getAuthorities((List) userAuthorization.get("authorities")));
  33.  
  34. return new OAuth2Authentication(oAuth2Request, userAuthentication);
  35. }
  36.  
  37. private Object getPrincipalObject(Object principal) {
  38. if (principal instanceof DBObject) {
  39. DBObject principalDBObject = (DBObject) principal;
  40.  
  41. String userName = (String) principalDBObject.get("username");
  42. String password = "";
  43. boolean enabled = (boolean) principalDBObject.get("enabled");
  44. boolean accountNonExpired = (boolean) principalDBObject.get("accountNonExpired");
  45. boolean credentialsNonExpired = (boolean) principalDBObject.get("credentialsNonExpired");
  46. boolean accountNonLocked = (boolean) principalDBObject.get("accountNonLocked");
  47.  
  48. /*
  49. * retrieve the custom fields from principal object and map to CustomUserDetails so that we can use them later on SpEL queries via OAuth2Authentication object
  50. */
  51. String customerId = (String) principalDBObject.get("customerId");
  52.  
  53. return new CustomUserDetails(userName, password, enabled,
  54. accountNonExpired, credentialsNonExpired, accountNonLocked, Collections.EMPTY_LIST, customerId);
  55.  
  56.  
  57. } else {
  58. return principal;
  59. }
  60. }
  61.  
  62. private Collection<GrantedAuthority> getAuthorities(List<Map<String, String>> authorities) {
  63. Set<GrantedAuthority> grantedAuthorities = new HashSet<>(authorities.size());
  64. for (Map<String, String> authority : authorities) {
  65. grantedAuthorities.add(new SimpleGrantedAuthority(authority.get("role")));
  66. }
  67. return grantedAuthorities;
  68. }
  69. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!