Example 1 with SystemAuthenticationToken
use of io.jmix.core.security.SystemAuthenticationToken in project jmix by jmix-framework.
the class SystemAuthenticationProvider method authenticate.
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
if (!(authentication instanceof SystemAuthenticationToken)) {
throw new IllegalArgumentException(String.format("%s does not support %s", getClass().getSimpleName(), authentication.getClass()));
}
UserDetails userDetails;
String username = authentication.getName();
// todo MG check null or 'system'
if (Strings.isNullOrEmpty(username)) {
userDetails = userRepository.getSystemUser();
} else {
userDetails = userRepository.loadUserByUsername(username);
}
return new SystemAuthenticationToken(userDetails, userDetails.getAuthorities());
}
Also used :
UserDetails(org.springframework.security.core.userdetails.UserDetails)
SystemAuthenticationToken(io.jmix.core.security.SystemAuthenticationToken)
Example 2 with SystemAuthenticationToken
use of io.jmix.core.security.SystemAuthenticationToken in project jmix by jmix-framework.
the class SystemAuthenticatorImpl method begin.
@Override
public Authentication begin(@Nullable String login) {
if (authenticationManager == null) {
throw new IllegalStateException("AuthenticationManager is not defined");
}
pushAuthentication(SecurityContextHelper.getAuthentication());
try {
Authentication authentication;
if (!Strings.isNullOrEmpty(login)) {
log.trace("Authenticating as {}", login);
Authentication authToken = new SystemAuthenticationToken(login);
authentication = authenticationManager.authenticate(authToken);
} else {
log.trace("Authenticating as system");
Authentication authToken = new SystemAuthenticationToken(null);
authentication = authenticationManager.authenticate(authToken);
}
SecurityContextHelper.setAuthentication(authentication);
return authentication;
} catch (AuthenticationException e) {
pollAuthentication();
throw e;
}
}
Also used :
AuthenticationException(org.springframework.security.core.AuthenticationException)
Authentication(org.springframework.security.core.Authentication)
SystemAuthenticationToken(io.jmix.core.security.SystemAuthenticationToken)
Example 3 with SystemAuthenticationToken
use of io.jmix.core.security.SystemAuthenticationToken in project jmix by jmix-framework.
the class UserSessionSourceImpl method updateUserSessionFromAuthentication.
protected void updateUserSessionFromAuthentication(Authentication authentication, UserSession session) {
UserRepository userRepository = beanFactory.getBean(UserRepository.class);
if (authentication instanceof UsernamePasswordAuthenticationToken || authentication instanceof RememberMeAuthenticationToken) {
session.setUser((UserDetails) authentication.getPrincipal());
if (authentication.getDetails() instanceof ClientDetails) {
ClientDetails clientDetails = (ClientDetails) authentication.getDetails();
session.setLocale(clientDetails.getLocale());
} else {
session.setLocale(Locale.getDefault());
}
} else if (authentication instanceof AnonymousAuthenticationToken || authentication instanceof SystemAuthenticationToken) {
Object principal = authentication.getPrincipal();
if (principal instanceof UserDetails) {
session.setUser((UserDetails) authentication.getPrincipal());
session.setLocale(Locale.getDefault());
} else {
session.setUser(userRepository.getSystemUser());
session.setLocale(Locale.getDefault());
}
} else if (authentication instanceof OAuth2Authentication) {
Authentication userAuthentication = ((OAuth2Authentication) authentication).getUserAuthentication();
if (userAuthentication != authentication) {
updateUserSessionFromAuthentication(userAuthentication, session);
}
} else if (authentication == null) {
// todo MG should null authentication be possible?
// todo MG what user to return?
session.setUser(userRepository.getSystemUser());
session.setLocale(Locale.getDefault());
} else {
throw new RuntimeException("Authentication type is not supported: " + authentication.getClass().getCanonicalName());
}
}
Also used :
UserRepository(io.jmix.core.security.UserRepository)
ClientDetails(io.jmix.core.security.ClientDetails)
UserDetails(org.springframework.security.core.userdetails.UserDetails)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Authentication(org.springframework.security.core.Authentication)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
RememberMeAuthenticationToken(org.springframework.security.authentication.RememberMeAuthenticationToken)
SystemAuthenticationToken(io.jmix.core.security.SystemAuthenticationToken)
AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)
Aggregations
SystemAuthenticationToken (io.jmix.core.security.SystemAuthenticationToken)3
Authentication (org.springframework.security.core.Authentication)2
UserDetails (org.springframework.security.core.userdetails.UserDetails)2
ClientDetails (io.jmix.core.security.ClientDetails)1
UserRepository (io.jmix.core.security.UserRepository)1
AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken)1
RememberMeAuthenticationToken (org.springframework.security.authentication.RememberMeAuthenticationToken)1
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)1
AuthenticationException (org.springframework.security.core.AuthenticationException)1
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)1
