java source code of UsernameRealm

/*
 * Copyright 2017-2018 the original author(https://github.com/wj596)
 * 
 * <p>
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * </p>
 */
package org.jsets.shiro.realm;

import java.util.Objects;
import java.util.Set;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.jsets.shiro.api.ShiroAccountProvider;
import org.jsets.shiro.config.ShiroProperties;
import org.jsets.shiro.model.Account;
import org.jsets.shiro.token.UsernameToken;
import org.jsets.shiro.util.CommonUtils;
import com.google.common.base.Strings;
import io.jsonwebtoken.lang.Collections;
/**
 * 基于用户的控制域
 * 
 * @author wangjie (https://github.com/wj596)
 * @date 2016年6月31日
 */
public class UsernameRealm extends AuthorizingRealm {
	
	private final ShiroProperties properties;
	private final ShiroAccountProvider accountProvider;

	public UsernameRealm(ShiroProperties properties,ShiroAccountProvider accountProvider) {
		this.properties = properties;
		this.accountProvider = accountProvider;
	}
	
	public Class<?> getAuthenticationTokenClass() {
		return UsernameToken.class;
	}
	
	/**
	 * 认证
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

		if (!(token instanceof UsernameToken)) return null;// 只认证UsernameToken

		if(Objects.isNull(token.getPrincipal()))
			throw new AuthenticationException(this.properties.getMsgAccountPasswordEmpty());
		String account = (String) token.getPrincipal();
		Account accountEntity = this.accountProvider.loadAccount(account);
		Boolean match = Boolean.TRUE;
		if (Objects.isNull(accountEntity)) {
			match = Boolean.FALSE;
			throw new AuthenticationException(this.properties.getMsgAccountNotExist());
		}
		return new SimpleAuthenticationInfo(account,match, getName());
	}

	/**
	 * 授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

		String account = (String) principals.getPrimaryPrincipal();
		if(Objects.isNull(account)||!Strings.isNullOrEmpty(CommonUtils.jwtPayload(account))
								  ||!Strings.isNullOrEmpty(CommonUtils.hmacPayload(account))) 
			return null;
		SimpleAuthorizationInfo info =  new SimpleAuthorizationInfo();
		Set<String> roles = this.accountProvider.loadRoles(account);
		Set<String> permissions = this.accountProvider.loadPermissions(account);
		if(!Collections.isEmpty(roles)) info.setRoles(roles);
		if(!Collections.isEmpty(permissions)) info.setStringPermissions(permissions);
        return info;  
	}
}