Search in sources :

Example 1 with AuthenticationProvider

use of io.gravitee.rest.api.security.authentication.AuthenticationProvider in project gravitee-management-rest-api by gravitee-io.

the class BasicSecurityConfigurerAdapter method configure.

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    LOGGER.info("--------------------------------------------------------------");
    LOGGER.info("Portal API BasicSecurity Config");
    LOGGER.info("Loading authentication identity providers for Basic authentication");
    List<io.gravitee.rest.api.security.authentication.AuthenticationProvider> providers = authenticationProviderManager.getIdentityProviders().stream().filter(authenticationProvider -> !authenticationProvider.external()).collect(Collectors.toList());
    for (AuthenticationProvider provider : providers) {
        String providerType = provider.type();
        LOGGER.info("Loading authentication provider of type {} at position {}", providerType, provider.index());
        Collection<IdentityProvider> identityProviders = identityProviderManager.getAll();
        if (identityProviders != null) {
            Optional<io.gravitee.rest.api.idp.api.authentication.AuthenticationProvider> authenticationProviderPlugin = identityProviders.stream().filter(ip -> ip.type().equalsIgnoreCase(providerType)).map(ip -> identityProviderManager.loadIdentityProvider(ip.type(), provider.configuration())).filter(Objects::nonNull).findFirst();
            if (authenticationProviderPlugin.isPresent()) {
                Object authenticationProvider = authenticationProviderPlugin.get().configure();
                if (authenticationProvider instanceof org.springframework.security.authentication.AuthenticationProvider) {
                    auth.authenticationProvider((org.springframework.security.authentication.AuthenticationProvider) authenticationProvider);
                } else if (authenticationProvider instanceof SecurityConfigurer) {
                    auth.apply((SecurityConfigurer) authenticationProvider);
                }
            } else {
                LOGGER.error("No authentication provider found for type: {}", providerType);
            }
        }
    }
    LOGGER.info("--------------------------------------------------------------");
}
Also used : LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) CookieCsrfSignedTokenRepository(io.gravitee.rest.api.security.csrf.CookieCsrfSignedTokenRepository) HeadersConfigurer(org.springframework.security.config.annotation.web.configurers.HeadersConfigurer) AuthoritiesProvider(io.gravitee.rest.api.security.utils.AuthoritiesProvider) CorsConfigurationSource(org.springframework.web.cors.CorsConfigurationSource) WebSecurityConfigurerAdapter(org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter) CookieGenerator(io.gravitee.rest.api.security.cookies.CookieGenerator) HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) ConfigurableEnvironment(org.springframework.core.env.ConfigurableEnvironment) CsrfRequestMatcher(io.gravitee.rest.api.security.csrf.CsrfRequestMatcher) AuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource) SecurityConfigurer(org.springframework.security.config.annotation.SecurityConfigurer) AuthenticationSuccessListener(io.gravitee.rest.api.security.listener.AuthenticationSuccessListener) AuthenticationProviderManager(io.gravitee.rest.api.security.authentication.AuthenticationProviderManager) ParameterService(io.gravitee.rest.api.service.ParameterService) BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter) Logger(org.slf4j.Logger) RecaptchaFilter(io.gravitee.rest.api.security.filter.RecaptchaFilter) Collection(java.util.Collection) CsrfFilter(org.springframework.security.web.csrf.CsrfFilter) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) HttpMethod(org.springframework.http.HttpMethod) IdentityProviderManager(io.gravitee.rest.api.idp.core.plugin.IdentityProviderManager) CsrfIncludeFilter(io.gravitee.rest.api.security.filter.CsrfIncludeFilter) IdentityProvider(io.gravitee.rest.api.idp.api.IdentityProvider) Collectors(java.util.stream.Collectors) Profile(org.springframework.context.annotation.Profile) Objects(java.util.Objects) Configuration(org.springframework.context.annotation.Configuration) AuthenticationFailureListener(io.gravitee.rest.api.security.listener.AuthenticationFailureListener) List(java.util.List) EventManager(io.gravitee.common.event.EventManager) TokenAuthenticationFilter(io.gravitee.rest.api.security.filter.TokenAuthenticationFilter) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) GraviteeAuthenticationDetails(io.gravitee.rest.api.security.authentication.GraviteeAuthenticationDetails) SessionCreationPolicy(org.springframework.security.config.http.SessionCreationPolicy) Optional(java.util.Optional) AuthenticationProvider(io.gravitee.rest.api.security.authentication.AuthenticationProvider) Bean(org.springframework.context.annotation.Bean) ReCaptchaService(io.gravitee.rest.api.service.ReCaptchaService) SecurityConfigurer(org.springframework.security.config.annotation.SecurityConfigurer) AuthenticationProvider(io.gravitee.rest.api.security.authentication.AuthenticationProvider) IdentityProvider(io.gravitee.rest.api.idp.api.IdentityProvider)

Aggregations

ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 EventManager (io.gravitee.common.event.EventManager)1 IdentityProvider (io.gravitee.rest.api.idp.api.IdentityProvider)1 IdentityProviderManager (io.gravitee.rest.api.idp.core.plugin.IdentityProviderManager)1 AuthenticationProvider (io.gravitee.rest.api.security.authentication.AuthenticationProvider)1 AuthenticationProviderManager (io.gravitee.rest.api.security.authentication.AuthenticationProviderManager)1 GraviteeAuthenticationDetails (io.gravitee.rest.api.security.authentication.GraviteeAuthenticationDetails)1 CookieGenerator (io.gravitee.rest.api.security.cookies.CookieGenerator)1 CookieCsrfSignedTokenRepository (io.gravitee.rest.api.security.csrf.CookieCsrfSignedTokenRepository)1 CsrfRequestMatcher (io.gravitee.rest.api.security.csrf.CsrfRequestMatcher)1 CsrfIncludeFilter (io.gravitee.rest.api.security.filter.CsrfIncludeFilter)1 RecaptchaFilter (io.gravitee.rest.api.security.filter.RecaptchaFilter)1 TokenAuthenticationFilter (io.gravitee.rest.api.security.filter.TokenAuthenticationFilter)1 AuthenticationFailureListener (io.gravitee.rest.api.security.listener.AuthenticationFailureListener)1 AuthenticationSuccessListener (io.gravitee.rest.api.security.listener.AuthenticationSuccessListener)1 AuthoritiesProvider (io.gravitee.rest.api.security.utils.AuthoritiesProvider)1 ParameterService (io.gravitee.rest.api.service.ParameterService)1 ReCaptchaService (io.gravitee.rest.api.service.ReCaptchaService)1 Collection (java.util.Collection)1 List (java.util.List)1