use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class OrcidTogglzConfiguration method getUserProvider.
/**
 * Builds the Togglz {@link UserProvider} that maps the current Spring Security
 * principal to a feature user.
 *
 * <p>The ORCID iD of the principal becomes the feature-user name, and the
 * feature-admin flag is set only when the principal's type equals
 * {@code OrcidType.ADMIN}. Any request whose principal is not an
 * {@link OrcidProfileUserDetails} (no security context, no authentication, or a
 * different principal type) yields a user with a {@code null} name and no admin
 * rights, so the absence of a session never grants feature-admin access.
 *
 * @return a provider that resolves the feature user on every call
 */
@Override
public UserProvider getUserProvider() {
    return new UserProvider() {
        @Override
        public FeatureUser getCurrentUser() {
            SecurityContext securityContext = SecurityContextHolder.getContext();
            Authentication auth = securityContext == null ? null : securityContext.getAuthentication();
            Object principal = auth == null ? null : auth.getPrincipal();

            // Defaults describe an anonymous, non-admin feature user.
            String orcid = null;
            boolean featureAdmin = false;
            if (principal instanceof OrcidProfileUserDetails) {
                OrcidProfileUserDetails details = (OrcidProfileUserDetails) principal;
                // Admin status is taken from the authenticated principal only.
                featureAdmin = OrcidType.ADMIN.equals(details.getOrcidType());
                orcid = details.getOrcid();
            }
            return new SimpleFeatureUser(orcid, featureAdmin);
        }
    };
}
use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class NotificationController method executeAction.
/**
 * Handles the action link of an actionable notification.
 *
 * <p>The path variable is Base64 text that decodes to an encrypted notification
 * id. After decryption the notification is loaded, marked as actioned and read,
 * and the browser is redirected to the notification's authorization URL. A
 * logged-in user whose ORCID iD differs from the notification owner gets the
 * {@code wrong_user} view instead, and nothing is marked.
 *
 * @param encryptedId Base64-encoded, encrypted notification id from the URL
 * @return a redirect to the authorization URL, or the {@code wrong_user} view
 * @throws RuntimeException if UTF-8 decoding is reported as unsupported
 */
@RequestMapping(value = "/encrypted/{encryptedId}/action", method = RequestMethod.GET)
public ModelAndView executeAction(@PathVariable("encryptedId") String encryptedId) {
    final String decryptedId;
    try {
        String cipherText = new String(Base64.decodeBase64(encryptedId), "UTF-8");
        decryptedId = encryptionManager.decryptForExternalUse(cipherText);
    } catch (UnsupportedEncodingException e) {
        throw new RuntimeException("Problem decoding " + encryptedId, e);
    }

    // NOTE(review): Long.valueOf throws NumberFormatException when the decrypted
    // text is not numeric. Whether decryptForExternalUse rejects tampered input
    // before this point is not visible here; confirm.
    Long notificationId = Long.valueOf(decryptedId);

    // NOTE(review): the lookup result is dereferenced without a null check;
    // confirm the manager never returns null for an unknown id.
    ActionableNotificationEntity notification = (ActionableNotificationEntity) notificationManager.findActionableNotificationEntity(notificationId);

    // NOTE(review): the redirect target is the stored authorization URL, used
    // verbatim. Confirm it is validated when the notification is created.
    String targetUrl = notification.getAuthorizationUrl();
    String ownerOrcid = notification.getProfile().getId();

    OrcidProfileUserDetails loggedInUser = getCurrentUser();
    if (loggedInUser == null) {
        // Anonymous visitor: pass the owner's ORCID iD along with the redirect.
        // The "&" separator assumes the URL already carries a query string.
        targetUrl += "&orcid=" + ownerOrcid;
    } else if (!loggedInUser.getOrcid().equals(ownerOrcid)) {
        // A logged-in user may only act on their own notification.
        return new ModelAndView("wrong_user");
    }

    // This GET request changes state, also for anonymous visitors: possession
    // of a decryptable id is the only gate visible in this method.
    notificationManager.setActionedAndReadDate(ownerOrcid, notificationId);
    return new ModelAndView("redirect:" + targetUrl);
}
use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class BaseController method emailMatchesCurrentUser.
/**
 * Tells whether the given address belongs to the effective profile.
 *
 * <p>Returns {@code false} when nobody is logged in. Otherwise every email of
 * the effective profile is compared with {@code email}, ignoring case, and
 * entries without a value are skipped.
 *
 * @param email the address to look for; {@code null} never matches
 * @return {@code true} if at least one email of the effective profile equals
 *         {@code email} ignoring case
 */
private boolean emailMatchesCurrentUser(String email) {
    if (getCurrentUser() == null) {
        return false;
    }
    // NOTE(review): the getter chain below is not null-checked; presumably a
    // logged-in user always has a bio with contact details - confirm.
    boolean found = false;
    for (Email candidate : getEffectiveProfile().getOrcidBio().getContactDetails().getEmail()) {
        String address = candidate.getValue();
        // Non-short-circuit OR: every entry is still inspected, as before.
        found |= (address != null && address.equalsIgnoreCase(email));
    }
    return found;
}
use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class SourceManagerImpl method isDelegatedByAnAdmin.
/**
 * Tells whether the current session is a switched-user session that was
 * started by an admin.
 *
 * <p>The granted authorities of the current authentication are scanned for a
 * {@link SwitchUserGrantedAuthority}. The first one whose source authentication
 * is a {@link UsernamePasswordAuthenticationToken} with an
 * {@link OrcidProfileUserDetails} principal decides the result: {@code true}
 * only if that source user's type maps to {@code OrcidType.ADMIN}.
 *
 * @return {@code true} if the original (pre-switch) user is an admin;
 *         {@code false} when there is no authentication, no authorities, or no
 *         matching switch-user authority
 */
@Override
public boolean isDelegatedByAnAdmin() {
    Authentication current = SecurityContextHolder.getContext().getAuthentication();
    if (current == null) {
        return false;
    }
    Collection<? extends GrantedAuthority> granted = current.getAuthorities();
    if (granted == null) {
        return false;
    }
    for (GrantedAuthority candidate : granted) {
        if (!(candidate instanceof SwitchUserGrantedAuthority)) {
            continue;
        }
        // The source is the authentication that was active before the switch.
        Authentication original = ((SwitchUserGrantedAuthority) candidate).getSource();
        if (!(original instanceof UsernamePasswordAuthenticationToken)) {
            continue;
        }
        Object originalPrincipal = original.getPrincipal();
        if (!(originalPrincipal instanceof OrcidProfileUserDetails)) {
            continue;
        }
        // The user details carry the legacy enum; convert it by value. A
        // missing type stays null and therefore never compares equal to ADMIN.
        org.orcid.jaxb.model.message.OrcidType legacyType = ((OrcidProfileUserDetails) originalPrincipal).getOrcidType();
        OrcidType originalUserType = null;
        if (legacyType != null) {
            originalUserType = OrcidType.fromValue(legacyType.value());
        }
        // The first matching switch-user authority is decisive.
        return OrcidType.ADMIN.equals(originalUserType);
    }
    return false;
}
use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class OrcidAuthorizationCodeServiceImpl method getDetailFromAuthorization.
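/**
 * Builds the authorization-code record for an approved OAuth2 authorization.
 *
 * <p>Client, scope, state, redirect URI, response type and the OpenID nonce are
 * copied from the request parameters. The user is resolved from the user
 * authentication and loaded through the profile cache.
 *
 * @param code the authorization code; used as the record id
 * @param authentication the OAuth2 authentication the code was issued for
 * @return the populated detail, or {@code null} when the request names a client
 *         that cannot be found or no profile can be resolved for the user
 */
private OrcidOauth2AuthoriziationCodeDetail getDetailFromAuthorization(String code, OAuth2Authentication authentication) {
    OAuth2Request oAuth2Request = authentication.getOAuth2Request();
    OrcidOauth2AuthoriziationCodeDetail detail = new OrcidOauth2AuthoriziationCodeDetail();
    Map<String, String> requestParameters = oAuth2Request.getRequestParameters();
    if (requestParameters != null && !requestParameters.isEmpty()) {
        String clientId = requestParameters.get(CLIENT_ID);
        ClientDetailsEntity clientDetails = getClientDetails(clientId);
        if (clientDetails == null) {
            // No code is recorded for an unknown client.
            return null;
        }
        detail.setScopes(OAuth2Utils.parseParameterList(requestParameters.get(SCOPE)));
        detail.setState(requestParameters.get(STATE));
        detail.setRedirectUri(requestParameters.get(REDIRECT_URI));
        detail.setResponseType(requestParameters.get(RESPONSE_TYPE));
        detail.setClientDetailsEntity(clientDetails);
        // persist the openID params if present
        String nonce = requestParameters.get(OrcidOauth2Constants.NONCE);
        if (nonce != null) {
            detail.setNonce(nonce);
        }
    }
    // NOTE(review): when the parameters are null or empty the detail is built
    // without client, scopes or redirect URI. Confirm callers never persist
    // such a record.
    detail.setId(code);
    detail.setApproved(oAuth2Request.isApproved());

    // NOTE(review): getUserAuthentication() is dereferenced without a null
    // check; confirm this path is only reached with a user present.
    Authentication userAuthentication = authentication.getUserAuthentication();
    // NOTE(review): the variable is named "principal" but is read from
    // getDetails(), the same accessor used for the session id below. Confirm
    // this is intended rather than getPrincipal().
    Object principal = userAuthentication.getDetails();
    ProfileEntity entity = null;
    if (principal instanceof OrcidProfileUserDetails) {
        OrcidProfileUserDetails userDetails = (OrcidProfileUserDetails) principal;
        String effectiveOrcid = userDetails.getOrcid();
        if (effectiveOrcid != null) {
            entity = profileEntityCacheManager.retrieve(effectiveOrcid);
        }
    }
    if (entity == null) {
        // A code is never stored without a resolved profile.
        return null;
    }
    detail.setProfileEntity(entity);
    detail.setAuthenticated(userAuthentication.isAuthenticated());
    Set<String> authorities = getStringSetFromGrantedAuthorities(authentication.getAuthorities());
    detail.setAuthorities(authorities);
    Object authenticationDetails = userAuthentication.getDetails();
    if (authenticationDetails instanceof WebAuthenticationDetails) {
        detail.setSessionId(((WebAuthenticationDetails) authenticationDetails).getSessionId());
    }
    // Set token version to persistent token
    // TODO: As of Jan 2015 all tokens will be new tokens, so, we will have to remove the token version code and
    // treat all tokens as new tokens
    detail.setVersion(Long.valueOf(OrcidOauth2Constants.PERSISTENT_TOKEN));
    // The earlier guard tolerates a null parameter map, so this read must too;
    // an unconditional containsKey() here would throw NullPointerException.
    // parseBoolean(null) is false, so an absent parameter means "not persistent".
    boolean isPersistentTokenEnabledByUser = requestParameters != null
            && Boolean.parseBoolean(requestParameters.get(OrcidOauth2Constants.GRANT_PERSISTENT_TOKEN));
    // NOTE(review): this flag is taken from a request parameter; presumably it
    // reflects the user's choice on the consent screen - verify.
    detail.setPersistent(isPersistentTokenEnabledByUser);
    return detail;
}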