use of io.jmix.core.security.UserRepository in project jmix by jmix-framework.
the class AnonymousConfigurer method initAnonymous.
protected void initAnonymous(HttpSecurity http) {
try {
ApplicationContext applicationContext = http.getSharedObject(ApplicationContext.class);
CoreProperties coreProperties = applicationContext.getBean(CoreProperties.class);
UserRepository userRepository = applicationContext.getBean(UserRepository.class);
http.anonymous(anonymousConfigurer -> {
anonymousConfigurer.key(coreProperties.getAnonymousAuthenticationTokenKey());
anonymousConfigurer.principal(userRepository.getAnonymousUser());
Collection<? extends GrantedAuthority> anonymousAuthorities = userRepository.getAnonymousUser().getAuthorities();
if (!anonymousAuthorities.isEmpty()) {
anonymousConfigurer.authorities(new ArrayList<>(userRepository.getAnonymousUser().getAuthorities()));
}
});
} catch (Exception e) {
throw new RuntimeException("Error while init security", e);
}
}
use of io.jmix.core.security.UserRepository in project jmix by jmix-framework.
the class UserSessionSourceImpl method updateUserSessionFromAuthentication.
protected void updateUserSessionFromAuthentication(Authentication authentication, UserSession session) {
UserRepository userRepository = beanFactory.getBean(UserRepository.class);
if (authentication instanceof UsernamePasswordAuthenticationToken || authentication instanceof RememberMeAuthenticationToken) {
session.setUser((UserDetails) authentication.getPrincipal());
if (authentication.getDetails() instanceof ClientDetails) {
ClientDetails clientDetails = (ClientDetails) authentication.getDetails();
session.setLocale(clientDetails.getLocale());
} else {
session.setLocale(Locale.getDefault());
}
} else if (authentication instanceof AnonymousAuthenticationToken || authentication instanceof SystemAuthenticationToken) {
Object principal = authentication.getPrincipal();
if (principal instanceof UserDetails) {
session.setUser((UserDetails) authentication.getPrincipal());
session.setLocale(Locale.getDefault());
} else {
session.setUser(userRepository.getSystemUser());
session.setLocale(Locale.getDefault());
}
} else if (authentication instanceof OAuth2Authentication) {
Authentication userAuthentication = ((OAuth2Authentication) authentication).getUserAuthentication();
if (userAuthentication != authentication) {
updateUserSessionFromAuthentication(userAuthentication, session);
}
} else if (authentication == null) {
// todo MG should null authentication be possible?
// todo MG what user to return?
session.setUser(userRepository.getSystemUser());
session.setLocale(Locale.getDefault());
} else {
throw new RuntimeException("Authentication type is not supported: " + authentication.getClass().getCanonicalName());
}
}
Aggregations