Search in sources :

Example 1 with SecurityConfigurer

use of org.springframework.security.config.annotation.SecurityConfigurer in project gravitee-management-rest-api by gravitee-io.

the class BasicSecurityConfigurerAdapter method configure.

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    LOGGER.info("Loading authentication identity providers for Basic authentication");
    List<io.gravitee.management.security.authentication.AuthenticationProvider> providers = authenticationProviderManager.getIdentityProviders().stream().filter(authenticationProvider -> !authenticationProvider.external()).collect(Collectors.toList());
    for (io.gravitee.management.security.authentication.AuthenticationProvider provider : providers) {
        LOGGER.info("Loading authentication provider of type {} at position {}", provider.type(), provider.index());
        boolean found = false;
        Collection<IdentityProvider> identityProviders = identityProviderManager.getAll();
        for (IdentityProvider identityProvider : identityProviders) {
            if (identityProvider.type().equalsIgnoreCase(provider.type())) {
                AuthenticationProvider authenticationProviderPlugin = identityProviderManager.loadIdentityProvider(identityProvider.type(), provider.configuration());
                if (authenticationProviderPlugin != null) {
                    Object authenticationProvider = authenticationProviderPlugin.configure();
                    if (authenticationProvider instanceof org.springframework.security.authentication.AuthenticationProvider) {
                        auth.authenticationProvider((org.springframework.security.authentication.AuthenticationProvider) authenticationProvider);
                    } else if (authenticationProvider instanceof SecurityConfigurer) {
                        auth.apply((SecurityConfigurer) authenticationProvider);
                    }
                    found = true;
                    break;
                }
            }
        }
        if (!found) {
            LOGGER.error("No authentication provider found for type: {}", provider.type());
            throw new IllegalStateException("No authentication provider found for type: " + provider.type());
        }
    }
}
Also used : JWTCookieGenerator(io.gravitee.management.security.cookies.JWTCookieGenerator) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) CorsConfigurationSource(org.springframework.web.cors.CorsConfigurationSource) WebSecurityConfigurerAdapter(org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter) AuthenticationManagerBuilder(org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder) ConfigurableEnvironment(org.springframework.core.env.ConfigurableEnvironment) AuthenticationProviderManager(io.gravitee.management.security.authentication.AuthenticationProviderManager) Arrays.asList(java.util.Arrays.asList) SecurityConfigurer(org.springframework.security.config.annotation.SecurityConfigurer) DEFAULT_JWT_ISSUER(io.gravitee.management.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_ISSUER) IdentityProvider(io.gravitee.management.idp.api.IdentityProvider) DEFAULT_JWT_EXPIRE_AFTER(io.gravitee.management.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_EXPIRE_AFTER) BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter) IdentityProviderManager(io.gravitee.management.idp.core.plugin.IdentityProviderManager) Logger(org.slf4j.Logger) AuthenticationSuccessFilter(io.gravitee.management.security.filter.AuthenticationSuccessFilter) Collection(java.util.Collection) HttpMethod(org.springframework.http.HttpMethod) UrlBasedCorsConfigurationSource(org.springframework.web.cors.UrlBasedCorsConfigurationSource) CorsConfiguration(org.springframework.web.cors.CorsConfiguration) Profile(org.springframework.context.annotation.Profile) Collectors(java.util.stream.Collectors) Configuration(org.springframework.context.annotation.Configuration) JWTAuthenticationFilter(io.gravitee.management.security.filter.JWTAuthenticationFilter) List(java.util.List) MembershipService(io.gravitee.management.service.MembershipService) EnableWebSecurity(org.springframework.security.config.annotation.web.configuration.EnableWebSecurity) AuthenticationSuccessListener(io.gravitee.management.security.listener.AuthenticationSuccessListener) SessionCreationPolicy(org.springframework.security.config.http.SessionCreationPolicy) Bean(org.springframework.context.annotation.Bean) Collections(java.util.Collections) AuthenticationProvider(io.gravitee.management.idp.api.authentication.AuthenticationProvider) SecurityConfigurer(org.springframework.security.config.annotation.SecurityConfigurer) AuthenticationProvider(io.gravitee.management.idp.api.authentication.AuthenticationProvider) IdentityProvider(io.gravitee.management.idp.api.IdentityProvider)

Aggregations

IdentityProvider (io.gravitee.management.idp.api.IdentityProvider)1 AuthenticationProvider (io.gravitee.management.idp.api.authentication.AuthenticationProvider)1 IdentityProviderManager (io.gravitee.management.idp.core.plugin.IdentityProviderManager)1 AuthenticationProviderManager (io.gravitee.management.security.authentication.AuthenticationProviderManager)1 JWTCookieGenerator (io.gravitee.management.security.cookies.JWTCookieGenerator)1 AuthenticationSuccessFilter (io.gravitee.management.security.filter.AuthenticationSuccessFilter)1 JWTAuthenticationFilter (io.gravitee.management.security.filter.JWTAuthenticationFilter)1 AuthenticationSuccessListener (io.gravitee.management.security.listener.AuthenticationSuccessListener)1 MembershipService (io.gravitee.management.service.MembershipService)1 DEFAULT_JWT_EXPIRE_AFTER (io.gravitee.management.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_EXPIRE_AFTER)1 DEFAULT_JWT_ISSUER (io.gravitee.management.service.common.JWTHelper.DefaultValues.DEFAULT_JWT_ISSUER)1 Arrays.asList (java.util.Arrays.asList)1 Collection (java.util.Collection)1 Collections (java.util.Collections)1 List (java.util.List)1 Collectors (java.util.stream.Collectors)1 Logger (org.slf4j.Logger)1 LoggerFactory (org.slf4j.LoggerFactory)1 Autowired (org.springframework.beans.factory.annotation.Autowired)1 Bean (org.springframework.context.annotation.Bean)1