• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• grpc-spring-security-demo-master
  • src
    • main
      • proto
        • revinate
          • demo
            • demo.proto
      • resources
        • application.yaml
      • java
        • com
          • revinate
            • grpcspringsecurity
              • SecurityConfiguration.java
              • grpc
                • DemoGrpcService.java
                • interceptor
                  • ExceptionTranslationInterceptor.java
                  • SecurityContextPersistenceInterceptor.java
                  • BasicAuthenticationInterceptor.java
                  • Oauth2AuthenticationInterceptor.java
                  • AnonymousAuthenticationInterceptor.java
              • NumberService.java
              • Application.java
    • test
      • java
        • com
          • revinate
            • grpcspringsecurity
              • grpc
                • DemoGrpcServiceTests.java
              • util
                • BasicAuthenticationCallCredentials.java
  • gradle
    • wrapper
      • gradle-wrapper.properties
  • gradlew.bat
  • LICENSE
  • gradlew
  • build.gradle
  • README.md
  • .gitignore

package com.revinate.grpcspringsecurity.grpc.interceptor;

import io.grpc.Metadata;
import io.grpc.ServerCall;
import io.grpc.ServerCallHandler;
import io.grpc.ServerInterceptor;
import lombok.extern.slf4j.Slf4j;
import org.lognet.springboot.grpc.GRpcGlobalInterceptor;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;

import java.util.Collections;
import java.util.Objects;
import java.util.UUID;

@GRpcGlobalInterceptor
@Order(100)
@Slf4j
public class AnonymousAuthenticationInterceptor implements ServerInterceptor {

    private String key = UUID.randomUUID().toString();

    @Override
    public <ReqT, RespT> ServerCall.Listener<ReqT> interceptCall(
            ServerCall<ReqT, RespT> call,
            Metadata headers,
            ServerCallHandler<ReqT, RespT> next) {
        if (Objects.isNull(SecurityContextHolder.getContext().getAuthentication())) {
            SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken(key,
                    "anonymousUser", Collections.singletonList(new SimpleGrantedAuthority("ROLE_ANONYMOUS"))));

            log.debug("Populated SecurityContextHolder with anonymous token: {}",
                    SecurityContextHolder.getContext().getAuthentication());
        } else {
            log.debug("SecurityContextHolder not populated with anonymous token, as it already contained: {}",
                    SecurityContextHolder.getContext().getAuthentication());
        }

        return next.startCall(call, headers);
    }
}