• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• springboot-angular-atmosphere-quickstart-master
  • src
    • main
      • resources
        • templates
          • index.html
          • login.html
        • config
          • application-dev.properties
          • application.properties
        • banner.txt
        • static
          • images
          • templates
            • default.html
          • js
            • app.js
          • css
            • main.css
      • java
        • net
          • andreaskluth
            • toastonatmosphere
              • security
                • FakeAuthenticationProvider.java
              • configuration
                • SecurityConfiguration.java
                • WebConfigurer.java
              • websocket
                • ToastService.java
              • Charsets.java
              • Application.java
              • controller
                • HomeController.java
                • AuthenticationController.java
    • test
      • resources
        • delete_me
      • java
        • net
          • andreaskluth
            • toastonatmosphere
              • security
                • FakeAuthenticationProviderTest.java
              • integration
                • ContainerStartupTest.java
              • CharsetsTest.java
              • controller
                • HomeControllerTest.java
  • pom.xml
  • swarm.json
  • LICENSE
  • manifest.yml
  • .settings
    • org.eclipse.jdt.ui.prefs
    • org.eclipse.m2e.core.prefs
    • org.eclipse.jdt.core.prefs
    • org.eclipse.core.resources.prefs
  • .travis.yml
  • README.md
  • Dockerfile
  • .gitignore
  • .project
  • .classpath

package net.andreaskluth.toastonatmosphere.security;

import java.util.ArrayList;
import java.util.List;

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

/**
 * In-memory fake authentication provider.
 * 
 * @author Andreas Kluth
 */
@Component
public class FakeAuthenticationProvider implements AuthenticationProvider {

  private static final String HARD_CODED_SUPER_SECRET_NAME = "admin";

  private static final String HARD_CODED_SUPER_SECRET_PW = "adm1n";

  private final String saltedAndHashedSecret;

  private final PasswordEncoder passwordEncoder = NoOpPasswordEncoder.getInstance();

  /**
   * Creates a new instance of {@link FakeAuthenticationProvider}.
   * 
   * @param encoder
   *          to hash and salt passwords.
   */
  public FakeAuthenticationProvider() {
    saltedAndHashedSecret = passwordEncoder.encode(HARD_CODED_SUPER_SECRET_PW);
  }

  @Override
  public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    String name = authentication.getName();
    String password = authentication.getCredentials().toString();

    if (isValidUser(name, password)) {
      List<GrantedAuthority> grantedAuths = new ArrayList<>();
      grantedAuths.add(new SimpleGrantedAuthority("USER"));
      return new UsernamePasswordAuthenticationToken(name, password, grantedAuths);
    }

    throw new BadCredentialsException("Invalid password or user name.");
  }

  @Override
  public boolean supports(Class<?> authentication) {
    return authentication.equals(UsernamePasswordAuthenticationToken.class);
  }

  private boolean isValidUser(String name, String password) {
    return HARD_CODED_SUPER_SECRET_NAME.equalsIgnoreCase(name)
        && passwordEncoder.matches(password, saltedAndHashedSecret);
  }

}