Example 16 with OrcidProfileUserDetails
use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class OrcidAuthorizationCodeServiceTest method getUserAuthentication.
private Authentication getUserAuthentication() {
OrcidProfileUserDetails details = (OrcidProfileUserDetails) orcidUserDetailsService.loadUserByUsername("4444-4444-4444-4445");
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(details.getOrcid(), "password");
auth.setDetails(details);
return auth;
}
Also used :
OrcidProfileUserDetails(org.orcid.core.oauth.OrcidProfileUserDetails)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Example 17 with OrcidProfileUserDetails
use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class DeveloperToolsControllerTest method getAuthentication.
@Override
protected Authentication getAuthentication() {
orcidProfile = orcidProfileManager.retrieveOrcidProfile("4444-4444-4444-4442");
OrcidProfileUserDetails details = null;
if (orcidProfile.getType() != null) {
details = new OrcidProfileUserDetails(orcidProfile.getOrcidIdentifier().getPath(), orcidProfile.getOrcidBio().getContactDetails().getEmail().get(0).getValue(), orcidProfile.getOrcidInternal().getSecurityDetails().getEncryptedPassword().getContent(), orcidProfile.getType(), orcidProfile.getGroupType());
} else {
details = new OrcidProfileUserDetails(orcidProfile.getOrcidIdentifier().getPath(), orcidProfile.getOrcidBio().getContactDetails().getEmail().get(0).getValue(), orcidProfile.getOrcidInternal().getSecurityDetails().getEncryptedPassword().getContent());
}
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(details, "4444-4444-4444-4442", getRole());
return auth;
}
Also used :
OrcidProfileUserDetails(org.orcid.core.oauth.OrcidProfileUserDetails)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Example 18 with OrcidProfileUserDetails
use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class BaseController method isEmailOkForCurrentUser.
protected boolean isEmailOkForCurrentUser(String decryptedEmail) {
OrcidProfileUserDetails userDetails = getCurrentUser();
if (userDetails == null) {
return true;
}
OrcidProfile orcidProfile = getEffectiveProfile();
if (orcidProfile == null) {
return true;
}
List<Email> emails = orcidProfile.getOrcidBio().getContactDetails().getEmail();
for (Email email : emails) {
if (decryptedEmail.equalsIgnoreCase(email.getValue())) {
return true;
}
}
return false;
}
Also used :
OrcidProfile(org.orcid.jaxb.model.message.OrcidProfile)
Email(org.orcid.jaxb.model.message.Email)
OrcidProfileUserDetails(org.orcid.core.oauth.OrcidProfileUserDetails)
Example 19 with OrcidProfileUserDetails
use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class OrcidUserDetailsService method loadUserByUsername.
/**
* Locates the user based on the username. In the actual implementation, the
* search may possibly be case insensitive, or case insensitive depending on
* how the implementation instance is configured. In this case, the
* <code>UserDetails</code> object that comes back may have a username that
* is of a different case than what was actually requested..
*
* @param username
* the username identifying the user whose data is required.
* @return a fully populated user record (never <code>null</code>)
* @throws org.springframework.security.core.userdetails.UsernameNotFoundException
* if the user could not be found or the user has no
* GrantedAuthority
*/
@Override
@Transactional(propagation = Propagation.REQUIRED)
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
LOGGER.info("About to load user by username = {}", username);
ProfileEntity profile = obtainEntity(username);
if (profile == null) {
throw new UsernameNotFoundException("Bad username or password");
}
if (profile.getPrimaryRecord() != null) {
throw new DeprecatedProfileException("orcid.frontend.security.deprecated_with_primary", profile.getPrimaryRecord().getId(), profile.getId());
}
if (profile.getDeactivationDate() != null && !securityMgr.isAdmin()) {
throw new DisabledException("Account not active, please call helpdesk");
}
if (!profile.getClaimed() && !securityMgr.isAdmin()) {
throw new UnclaimedProfileExistsException("orcid.frontend.security.unclaimed_exists");
}
String primaryEmail = null;
// Clients doesnt have primary email, so, we need to cover that case.
if (profile.getPrimaryEmail() != null)
primaryEmail = profile.getPrimaryEmail().getId();
OrcidProfileUserDetails userDetails = null;
if (profile.getOrcidType() != null) {
OrcidType orcidType = OrcidType.fromValue(profile.getOrcidType().value());
userDetails = new OrcidProfileUserDetails(profile.getId(), primaryEmail, profile.getEncryptedPassword(), orcidType, profile.getGroupType());
} else {
userDetails = new OrcidProfileUserDetails(profile.getId(), primaryEmail, profile.getEncryptedPassword());
}
return userDetails;
}
Also used :
UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException)
OrcidType(org.orcid.jaxb.model.message.OrcidType)
DisabledException(org.springframework.security.authentication.DisabledException)
OrcidProfileUserDetails(org.orcid.core.oauth.OrcidProfileUserDetails)
ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 20 with OrcidProfileUserDetails
use of org.orcid.core.oauth.OrcidProfileUserDetails in project ORCID-Source by ORCID.
the class SecurityContextTestUtils method setupSecurityContextForWebUser.
public static void setupSecurityContextForWebUser(String userId, String email) {
OrcidProfileUserDetails details = new OrcidProfileUserDetails(userId, email, "password");
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(userId, "password");
auth.setDetails(details);
SecurityContextImpl securityContext = new SecurityContextImpl();
securityContext.setAuthentication(auth);
SecurityContextHolder.setContext(securityContext);
}
Also used :
SecurityContextImpl(org.springframework.security.core.context.SecurityContextImpl)
OrcidProfileUserDetails(org.orcid.core.oauth.OrcidProfileUserDetails)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Aggregations
OrcidProfileUserDetails (org.orcid.core.oauth.OrcidProfileUserDetails)28
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)18
Authentication (org.springframework.security.core.Authentication)7
OrcidWebRole (org.orcid.core.security.OrcidWebRole)5
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)5
GrantedAuthority (org.springframework.security.core.GrantedAuthority)4
SecurityContext (org.springframework.security.core.context.SecurityContext)4
SwitchUserGrantedAuthority (org.springframework.security.web.authentication.switchuser.SwitchUserGrantedAuthority)4
PreAuthenticatedAuthenticationToken (org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken)3
Email (org.orcid.jaxb.model.message.Email)2
ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)2
SimpleFeatureUser (org.togglz.core.user.SimpleFeatureUser)2
UserProvider (org.togglz.core.user.UserProvider)2
UnsupportedEncodingException (java.io.UnsupportedEncodingException)1
Test (org.junit.Test)1
OrcidOauth2UserAuthentication (org.orcid.core.oauth.OrcidOauth2UserAuthentication)1
OrcidType (org.orcid.jaxb.model.common_v2.OrcidType)1
OrcidProfile (org.orcid.jaxb.model.message.OrcidProfile)1
OrcidType (org.orcid.jaxb.model.message.OrcidType)1
OrcidType (org.orcid.jaxb.model.v3.dev1.common.OrcidType)1
