- import com.mongodb.DBObject;
- import org.springframework.core.convert.converter.Converter;
- import org.springframework.data.convert.ReadingConverter;
- import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
- import org.springframework.security.core.Authentication;
- import org.springframework.security.core.GrantedAuthority;
- import org.springframework.security.core.authority.SimpleGrantedAuthority;
- import org.springframework.security.oauth2.provider.OAuth2Authentication;
- import org.springframework.security.oauth2.provider.OAuth2Request;
- import us.sdata.enroll.security.CustomUserDetails;
- import java.util.*;
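/**
 * Rebuilds an {@link OAuth2Authentication} from the document kept in the Mongo token store.
 * It is needed because Spring Data Mongo cannot map clientAuthentication to
 * authorizationRequest on its own.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Scope, authorities and the account-state flags are taken verbatim from the stored
 *       document. Write access to the token collection therefore amounts to the ability to
 *       shape the resulting authentication, so restrict it accordingly.</li>
 *   <li>Only requestParameters, clientId and scope are restored on the {@link OAuth2Request}.
 *       Client authorities, resourceIds, redirectUri, responseTypes and extensions are passed
 *       as {@code null}, and {@code approved} is hard-coded to {@code true}.</li>
 * </ul>
 */
@ReadingConverter
public class OAuth2AuthenticationReadConverter implements Converter<DBObject, OAuth2Authentication> {

    /**
     * Converts one stored token document into an {@link OAuth2Authentication}.
     *
     * @param source the stored document; must contain a {@code storedRequest} sub-document
     * @return the rebuilt authentication; its user authentication is {@code null} when the
     *         document has no {@code userAuthentication} entry
     * @throws IllegalArgumentException if {@code storedRequest} is missing, or the stored
     *         principal lacks one of the boolean account-state flags
     */
    @Override
    public OAuth2Authentication convert(DBObject source) {
        DBObject storedRequest = (DBObject) source.get("storedRequest");
        if (storedRequest == null) {
            throw new IllegalArgumentException("Stored authentication has no storedRequest");
        }

        // The document is schemaless, so these casts cannot be checked at compile time.
        @SuppressWarnings("unchecked")
        Map<String, String> requestParameters =
                (Map<String, String>) storedRequest.get("requestParameters");
        @SuppressWarnings("unchecked")
        List<String> storedScope = (List<String>) storedRequest.get("scope");
        // A missing scope becomes an empty set (no scope granted) instead of a NullPointerException.
        Set<String> scope =
                storedScope == null ? new HashSet<String>() : new HashSet<String>(storedScope);

        // NOTE(review): resourceIds is not restored. If the write side persists it, consider
        // reading it back here, because a request with no resource ids carries no audience
        // restriction for downstream resource-id checks. Confirm against the stored schema.
        OAuth2Request oAuth2Request = new OAuth2Request(requestParameters,
                (String) storedRequest.get("clientId"), null, true, scope,
                null, null, null, null);

        DBObject userAuthorization = (DBObject) source.get("userAuthentication");
        if (userAuthorization == null) {
            // No user part was stored (presumably a client-only grant); OAuth2Authentication
            // accepts a null user authentication, so return it rather than dereference null.
            return new OAuth2Authentication(oAuth2Request, null);
        }

        Object principal = getPrincipalObject(userAuthorization.get("principal"));
        @SuppressWarnings("unchecked")
        List<Map<String, String>> storedAuthorities =
                (List<Map<String, String>>) userAuthorization.get("authorities");

        // The three-argument constructor yields an already-authenticated token.
        // NOTE(review): whatever was persisted under "credentials" is restored as-is; confirm
        // the write side erases credentials before the document is stored.
        Authentication userAuthentication = new UsernamePasswordAuthenticationToken(principal,
                userAuthorization.get("credentials"), getAuthorities(storedAuthorities));
        return new OAuth2Authentication(oAuth2Request, userAuthentication);
    }

    /**
     * Maps a stored principal sub-document to {@link CustomUserDetails}; any other value
     * (for example a plain user name) is returned unchanged.
     */
    private Object getPrincipalObject(Object principal) {
        if (!(principal instanceof DBObject)) {
            return principal;
        }
        DBObject principalDBObject = (DBObject) principal;
        String userName = (String) principalDBObject.get("username");
        // The password is never read back from the store; the principal gets an empty one.
        String password = "";
        boolean enabled = requiredFlag(principalDBObject, "enabled");
        boolean accountNonExpired = requiredFlag(principalDBObject, "accountNonExpired");
        boolean credentialsNonExpired = requiredFlag(principalDBObject, "credentialsNonExpired");
        boolean accountNonLocked = requiredFlag(principalDBObject, "accountNonLocked");
        // Custom field carried on the principal so SpEL expressions can reach it through the
        // OAuth2Authentication object.
        String customerId = (String) principalDBObject.get("customerId");
        // The principal is rebuilt with no authorities of its own; the stored roles live only
        // on the enclosing token, so authorization checks should read them from there.
        return new CustomUserDetails(userName, password, enabled,
                accountNonExpired, credentialsNonExpired, accountNonLocked,
                Collections.<GrantedAuthority>emptyList(), customerId);
    }

    /**
     * Reads a mandatory account-state flag. These flags gate whether the account may be used,
     * so a missing or non-boolean value is rejected instead of being given a default.
     */
    private static boolean requiredFlag(DBObject principal, String field) {
        Object value = principal.get(field);
        if (!(value instanceof Boolean)) {
            throw new IllegalArgumentException(
                    "Stored principal has no boolean '" + field + "' flag");
        }
        return (Boolean) value;
    }

    /**
     * Turns the stored {@code {"role": ...}} entries into granted authorities.
     *
     * @param authorities stored authority entries; {@code null} is treated as "none"
     * @return the distinct authorities, empty when nothing was stored
     */
    private Collection<GrantedAuthority> getAuthorities(List<Map<String, String>> authorities) {
        if (authorities == null) {
            // Fail closed: no stored authorities means no granted authorities.
            return new HashSet<>();
        }
        Set<GrantedAuthority> grantedAuthorities = new HashSet<>(authorities.size());
        for (Map<String, String> authority : authorities) {
            grantedAuthorities.add(new SimpleGrantedAuthority(authority.get("role")));
        }
        return grantedAuthorities;
    }
}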