
Example 1 with Auth0JWTToken

use of com.auth0.spring.security.auth0.Auth0JWTToken in project nextprot-api by calipho-sib.

the class NextprotAuthProvider method authenticate.

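/**
 * Authenticates a request that carries an Auth0 id token (JWT).
 *
 * <p>Only a token made of three dot-separated segments is handed to {@code jwtVerifier};
 * the access-token lookup against the Auth0 endpoint is disabled, so any other token
 * (including a missing one) ends in the {@code SecurityException} described below.
 * Two claim layouts are accepted:
 * <ul>
 *   <li>"UI widget" tokens with a top-level {@code email} claim: the user is loaded by
 *       that e-mail and keeps the authorities supplied by {@code userDetailsService};</li>
 *   <li>"codec" tokens with a {@code payload} claim: the token is decoded with
 *       {@code codec}, the user is loaded by the payload's {@code email}, and the user's
 *       authorities are replaced by the payload's {@code authorities} list.</li>
 * </ul>
 *
 * @param authentication the incoming request token; must be an {@code Auth0JWTToken}
 * @return the result of {@code createSuccessAuthentication}, or {@code null} when the
 *         token carries no usable {@code email} value
 * @throws AuthenticationException an {@code Auth0TokenException} wrapping any key,
 *         algorithm, signature, state or I/O failure raised while decoding the token
 * @throws SecurityException when the token has neither an {@code email} nor a
 *         {@code payload} claim
 */
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    String token = ((Auth0JWTToken) authentication).getJwt();
    // The raw token is a bearer credential: anyone who can read the log could replay it,
    // so it is never written out.
    this.logger.debug("Trying to authenticate with a bearer token");
    try {
        Map<String, Object> map = null;
        // Should put this in 2 different providers.
        // Only the id token (JWT) is handled here; the access-token path that asked the
        // Auth0 endpoint for the user is not in use for now.
        if (token != null && token.split("\\.").length == 3) {
            map = jwtVerifier.verify(token);
            this.logger.debug("Authenticating with JWT");
        }
        // Claims carry personal data (the e-mail address), so only their names are logged.
        this.logger.debug("Decoded JWT claims: " + (map == null ? null : map.keySet()));

        // UI Widget map
        if (map != null && map.containsKey("email")) {
            Object email = map.get("email");
            // A missing or non-textual e-mail means this provider cannot decide.
            if (!(email instanceof String)) {
                return null;
            }
            UserDetails userDetails = userDetailsService.loadUserByUsername((String) email);
            authentication.setAuthenticated(true);
            return createSuccessAuthentication(userDetails, map);
        }

        // Codec map
        if (map != null && map.containsKey("payload")) {
            // NOTE(review): this branch is only reached after jwtVerifier.verify(token)
            // returned; confirm codec.decodeJWT does not accept anything verify would reject.
            Map<String, Object> payload = codec.decodeJWT(token);
            Object email = payload.get("email");
            if (!(email instanceof String)) {
                return null;
            }
            UserDetails userDetails = userDetailsService.loadUserByUsername((String) email);
            // NOTE(review): the authorities of the object returned by userDetailsService are
            // rewritten in place; if that service caches its results, the change outlives
            // this request. Confirm, or build a fresh UserDetails here.
            userDetails.getAuthorities().clear();
            // The authorities come from the token payload. A token without the claim, or
            // with entries that are not strings, grants nothing for those entries instead
            // of failing with a NullPointerException or ClassCastException.
            Object claimed = payload.get("authorities");
            if (claimed instanceof List) {
                for (Object authority : (List<?>) claimed) {
                    if (authority instanceof String) {
                        ((Set<GrantedAuthority>) userDetails.getAuthorities())
                                .add(new SimpleGrantedAuthority((String) authority));
                    }
                }
            }
            authentication.setAuthenticated(true);
            return createSuccessAuthentication(userDetails, map);
        }

        // TODO add the application (app_id claim) here or as another provider.
        throw new SecurityException("client id not found");
    } catch (InvalidKeyException e) {
        throw new Auth0TokenException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new Auth0TokenException(e);
    } catch (IllegalStateException e) {
        throw new Auth0TokenException(e);
    } catch (SignatureException e) {
        throw new Auth0TokenException(e);
    } catch (IOException e) {
        throw new Auth0TokenException("invalid token", e);
    }
}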
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignatureException(java.security.SignatureException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) Auth0TokenException(com.auth0.spring.security.auth0.Auth0TokenException) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) Auth0User(com.auth0.Auth0User) UserDetails(org.springframework.security.core.userdetails.UserDetails) Auth0JWTToken(com.auth0.spring.security.auth0.Auth0JWTToken) List(java.util.List) Map(java.util.Map)

Aggregations

Auth0User (com.auth0.Auth0User)1 Auth0JWTToken (com.auth0.spring.security.auth0.Auth0JWTToken)1 Auth0TokenException (com.auth0.spring.security.auth0.Auth0TokenException)1 IOException (java.io.IOException)1 InvalidKeyException (java.security.InvalidKeyException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 SignatureException (java.security.SignatureException)1 List (java.util.List)1 Map (java.util.Map)1 GrantedAuthority (org.springframework.security.core.GrantedAuthority)1 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)1 UserDetails (org.springframework.security.core.userdetails.UserDetails)1