• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• spring-boot-oauth2-password-flow-master
  • src
    • main
      • resources
        • application-postgres.properties
        • application-mysql.properties
        • data.sql
        • application.properties
      • java
        • com
          • zeldan
            • security
              • CustomUserDetailsService.java
              • AccountAuthenticationProvider.java
              • config
                • WebSecurityConfiguration.java
                • OAuth2ServerConfiguration.java
                • PasswordEncoderConfiguration.java
            • DemoApplication.java
            • model
              • Privilege.java
              • Account.java
              • Role.java
            • repository
              • AccountRepository.java
            • controller
              • UserController.java
              • AdminController.java
  • pom.xml
  • mvnw
  • LICENSE
  • .mvn
    • wrapper
      • maven-wrapper.jar
      • maven-wrapper.properties
  • README.md
  • .gitignore
  • mvnw.cmd

package com.zeldan.security;

import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

@Component
public class AccountAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {

    private final CustomUserDetailsService userDetailsService;

    private final PasswordEncoder passwordEncoder;

    public AccountAuthenticationProvider(CustomUserDetailsService userDetailsService, PasswordEncoder passwordEncoder) {
        this.userDetailsService = userDetailsService;
        this.passwordEncoder = passwordEncoder;
    }

    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken token)
            throws AuthenticationException {
        if (token.getCredentials() == null || userDetails.getPassword() == null) {
            throw new BadCredentialsException("Credentials may not be null.");
        }
        if (!passwordEncoder.matches((String) token.getCredentials(), userDetails.getPassword())) {
            throw new BadCredentialsException("Invalid credentials.");
        }
    }

    @Override
    protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken token) throws AuthenticationException {
        return userDetailsService.loadUserByUsername(username);
    }

}