• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• spring-boot-security-example-master
  • src
    • main
      • resources
        • ehcache.xml
        • logback.xml
        • private
          • keystorejks
        • application.properties
      • java
        • com
          • futureprocessing
            • spring
              • api
                • ApiController.java
                • samplestuff
                  • ServiceGateway.java
                  • SampleController.java
                • auth
                  • AuthenticationController.java
              • ContainerConfiguration.java
              • infrastructure
                • security
                  • BackendAdminUsernamePasswordAuthenticationProvider.java
                  • AuthenticationWithToken.java
                  • BackendAdminUsernamePasswordAuthenticationToken.java
                  • SecurityConfig.java
                  • ExternalServiceAuthenticator.java
                  • TokenResponse.java
                  • ManagementEndpointAuthenticationFilter.java
                  • TokenService.java
                  • AuthenticationFilter.java
                  • TokenAuthenticationProvider.java
                  • DomainUsernamePasswordAuthenticationProvider.java
                • AuthenticatedExternalServiceProvider.java
                • ServiceGatewayImpl.java
                • ServiceGatewayBase.java
                • externalwebservice
                  • ExternalWebServiceStub.java
                  • SomeExternalServiceAuthenticator.java
                • AuthenticatedExternalWebService.java
              • domain
                • DomainUser.java
                • CurrentlyLoggedUser.java
                • Stuff.java
              • Application.java
    • test
      • java
        • com
          • futureprocessing
            • integration
              • SecurityTest.java
  • gradle
    • wrapper
      • gradle-wrapper.properties
      • gradle-wrapper.jar
  • libs
    • .gitignore
  • gradlew.bat
  • gradlew
  • build.gradle
  • README.md
  • .gitignore
  • LICENSE.txt

package com.futureprocessing.spring.infrastructure.security;

import com.google.common.base.Optional;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

public class DomainUsernamePasswordAuthenticationProvider implements AuthenticationProvider {

    private TokenService tokenService;
    private ExternalServiceAuthenticator externalServiceAuthenticator;

    public DomainUsernamePasswordAuthenticationProvider(TokenService tokenService, ExternalServiceAuthenticator externalServiceAuthenticator) {
        this.tokenService = tokenService;
        this.externalServiceAuthenticator = externalServiceAuthenticator;
    }

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Optional<String> username = (Optional) authentication.getPrincipal();
        Optional<String> password = (Optional) authentication.getCredentials();

        if (!username.isPresent() || !password.isPresent()) {
            throw new BadCredentialsException("Invalid Domain User Credentials");
        }

        AuthenticationWithToken resultOfAuthentication = externalServiceAuthenticator.authenticate(username.get(), password.get());
        String newToken = tokenService.generateNewToken();
        resultOfAuthentication.setToken(newToken);
        tokenService.store(newToken, resultOfAuthentication);

        return resultOfAuthentication;
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return authentication.equals(UsernamePasswordAuthenticationToken.class);
    }
}