
Example 66 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project libresonic by Libresonic.

the class LibresonicUserDetailsContextMapper method mapUserFromContext.

// ~ Methods
// ========================================================================================================
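/**
 * Maps a directory entry that has just authenticated against LDAP onto a local account and
 * builds the {@link UserDetails} handed back to Spring Security.
 *
 * <p>The local account is looked up by {@code username}. If it does not exist and LDAP
 * auto-shadowing is enabled, a local account with the stream and settings roles is created
 * first. The authorities placed on the result are read from the local role store through
 * {@code securityService}; the {@code authorities} argument is not consulted.
 *
 * @param ctx         directory entry of the authenticated user
 * @param username    login name used for the local account lookup
 * @param authorities authorities resolved by the LDAP layer (unused by this mapper)
 * @return the user details, carrying the DN, the mapped password attribute when present, the
 *         local authorities and any password-policy data found on the entry
 * @throws BadCredentialsException if no local account exists (and none could be created), or
 *                                 if LDAP authentication is disabled for the account
 */
public UserDetails mapUserFromContext(DirContextOperations ctx, String username, Collection<? extends GrantedAuthority> authorities) {
    String dn = ctx.getNameInNamespace();
    // NOTE(review): dn and username are written to the log as-is; if the log sink is
    // line-oriented, consider neutralising CR/LF in these values before logging.
    logger.debug("Mapping user details from context with DN: " + dn);
    // User must be defined in Libresonic, unless auto-shadowing is enabled.
    User user = securityService.getUserByName(username, false);
    if (user == null && !settingsService.isLdapAutoShadowing()) {
        throw new BadCredentialsException("User does not exist.");
    }
    if (user == null) {
        // Auto-shadowing: every directory account that reaches this point gets a local account
        // with the stream and settings roles, so the LDAP search base/filter is what limits
        // who can obtain one.
        // NOTE(review): the fourth constructor argument is presumably the LDAP-authenticated
        // flag that is checked below; confirm against the User class.
        User newUser = new User(username, "", null, true, 0L, 0L, 0L);
        newUser.setStreamRole(true);
        newUser.setSettingsRole(true);
        securityService.createUser(newUser);
        logger.info("Created local user '" + username + "' for DN " + dn);
        user = securityService.getUserByName(username, false);
        if (user == null) {
            // The shadow account could not be read back; fail the login with the same
            // exception type as a missing account instead of dereferencing null below.
            throw new BadCredentialsException("User does not exist.");
        }
    }
    // LDAP authentication must be enabled for the given user.
    if (!user.isLdapAuthenticated()) {
        throw new BadCredentialsException("LDAP authentication disabled for user.");
    }
    LdapUserDetailsImpl.Essence essence = new LdapUserDetailsImpl.Essence();
    essence.setDn(dn);
    Object passwordValue = ctx.getObjectAttribute(passwordAttributeName);
    if (passwordValue != null) {
        essence.setPassword(mapPassword(passwordValue));
    }
    essence.setUsername(user.getUsername());
    // Authorities come from the local role store, keyed by the stored user name. The
    // authorities passed in by the LDAP layer are deliberately not added here.
    for (GrantedAuthority authority : securityService.getGrantedAuthorities(user.getUsername())) {
        essence.addAuthority(authority);
    }
    // Check for PPolicy data
    PasswordPolicyResponseControl ppolicy = (PasswordPolicyResponseControl) ctx.getObjectAttribute(PasswordPolicyControl.OID);
    if (ppolicy != null) {
        essence.setTimeBeforeExpiration(ppolicy.getTimeBeforeExpiration());
        essence.setGraceLoginsRemaining(ppolicy.getGraceLoginsRemaining());
    }
    return essence.createUserDetails();
}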
Also used : User(org.libresonic.player.domain.User) LdapUserDetailsImpl(org.springframework.security.ldap.userdetails.LdapUserDetailsImpl) GrantedAuthority(org.springframework.security.core.GrantedAuthority) PasswordPolicyResponseControl(org.springframework.security.ldap.ppolicy.PasswordPolicyResponseControl) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)

Example 67 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project libresonic by Libresonic.

the class JWTAuthenticationProvider method authenticate.

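/**
 * Authenticates a request that carries a JWT and checks that the token was issued for the
 * requested path.
 *
 * <p>The raw token is passed to {@code JWTSecurityService.verify} with the configured key, the
 * path claim is compared with the requested path through {@code roughlyEqual}, and on success a
 * new token holding {@code IS_AUTHENTICATED_FULLY} and {@code ROLE_TEMP} is returned. The
 * incoming token is flagged as authenticated only after every check has passed, so a rejected
 * request never leaves an authenticated token object behind.
 *
 * @param auth the authentication request; must be a {@code JWTAuthenticationToken}
 * @return the authenticated token, or {@code null} when the request carries no string
 *         credentials
 * @throws InsufficientAuthenticationException if the token's path claim does not match the
 *                                             requested path
 * @throws AuthenticationException             declared by the provider contract
 */
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
    JWTAuthenticationToken authentication = (JWTAuthenticationToken) auth;
    Object credentials = authentication.getCredentials();
    // instanceof is false for null, so this single test also covers absent credentials.
    if (!(credentials instanceof String)) {
        logger.error("Credentials not present");
        return null;
    }
    String rawToken = (String) credentials;
    // NOTE(review): verify() is presumably what rejects a bad signature or an expired token;
    // its failure mode is not visible here, so confirm it throws rather than returning a token.
    DecodedJWT token = JWTSecurityService.verify(jwtKey, rawToken);
    Claim path = token.getClaim(JWTSecurityService.CLAIM_PATH);
    String requestedPath = authentication.getRequestedPath();
    // TODO:AD This is super unfortunate, but not sure there is a better way when using JSP
    // NOTE(review): this is a substring match, and it skips the path-claim comparison entirely
    // (the token itself was still verified above). Any requested path containing this fragment
    // is accepted with a token issued for a different path. If the servlet setup allows it,
    // recognise the internal JSP forward more narrowly (dispatcher type or an exact prefix);
    // confirm how getRequestedPath() is derived before tightening.
    if (StringUtils.contains(requestedPath, "/WEB-INF/jsp/")) {
        logger.warn("BYPASSING AUTH FOR WEB-INF page");
    } else if (!roughlyEqual(path.asString(), requestedPath)) {
        throw new InsufficientAuthenticationException("Credentials not valid for path " + requestedPath + ". They are valid for " + path.asString());
    }
    // Flag the incoming token only now that the token and the path binding have been accepted.
    authentication.setAuthenticated(true);
    List<GrantedAuthority> authorities = new ArrayList<>();
    authorities.add(new SimpleGrantedAuthority("IS_AUTHENTICATED_FULLY"));
    authorities.add(new SimpleGrantedAuthority("ROLE_TEMP"));
    return new JWTAuthenticationToken(authorities, rawToken, requestedPath);
}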
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) InsufficientAuthenticationException(org.springframework.security.authentication.InsufficientAuthenticationException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Claim(com.auth0.jwt.interfaces.Claim)

Example 68 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project libresonic by Libresonic.

the class SecurityService method loadUserByUsername.

/**
 * Builds the Spring Security {@link UserDetails} for a local account.
 *
 * @param username      name to look up
 * @param caseSensitive passed through to {@code getUserByName}
 * @return user details holding the supplied name, the stored password and the authorities
 *         returned by {@code getGrantedAuthorities}
 * @throws UsernameNotFoundException if {@code getUserByName} returns {@code null}
 * @throws DataAccessException       declared for failures of the underlying lookup
 */
public UserDetails loadUserByUsername(String username, boolean caseSensitive) throws UsernameNotFoundException, DataAccessException {
    User account = getUserByName(username, caseSensitive);
    if (account != null) {
        // NOTE(review): roles and the returned principal use the name as supplied by the
        // caller, not account.getUsername(). With caseSensitive == false the two may differ in
        // case; verify that the role lookup tolerates that.
        List<GrantedAuthority> granted = getGrantedAuthorities(username);
        return new org.springframework.security.core.userdetails.User(username, account.getPassword(), granted);
    }
    // The message echoes the supplied name; keep it out of responses shown to unauthenticated
    // callers so it cannot be used to tell existing accounts from missing ones.
    throw new UsernameNotFoundException("User \"" + username + "\" was not found.");
}
Also used : UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException) User(org.libresonic.player.domain.User) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority)

Example 69 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project libresonic by Libresonic.

the class SecurityService method getGrantedAuthorities.

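/**
 * Returns the authorities of a local user.
 *
 * <p>Every user receives {@code IS_AUTHENTICATED_ANONYMOUSLY} and {@code ROLE_USER}; each role
 * name returned by {@code userDao.getRolesForUser} is added as {@code ROLE_<NAME>} in upper
 * case.
 *
 * @param username name whose roles are read from the DAO
 * @return a new, mutable list of authorities
 */
public List<GrantedAuthority> getGrantedAuthorities(String username) {
    String[] roles = userDao.getRolesForUser(username);
    List<GrantedAuthority> authorities = new ArrayList<>();
    authorities.add(new SimpleGrantedAuthority("IS_AUTHENTICATED_ANONYMOUSLY"));
    authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
    for (String role : roles) {
        // Upper-case with a fixed locale: under the JVM default locale a Turkish or Azeri
        // setting maps "i" to a dotted capital, so a role such as "admin" would stop matching
        // the ROLE_ADMIN string used in access rules.
        authorities.add(new SimpleGrantedAuthority("ROLE_" + role.toUpperCase(java.util.Locale.ROOT)));
    }
    return authorities;
}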
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList)

Example 70 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project incubator-atlas by apache.

the class AtlasAbstractAuthenticationProvider method getAuthenticationWithGrantedAuthorityFromUGI.

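/**
 * Re-wraps an already authenticated request so that it carries the authorities returned by
 * {@code getAuthoritiesFromUGI} for its principal name.
 *
 * <p>A {@code null} or unauthenticated argument is returned unchanged. Otherwise a new
 * {@link UsernamePasswordAuthenticationToken} is built around a {@link UserDetails} with the
 * same name, credentials and details.
 *
 * @param authentication the authentication to enrich; may be {@code null}
 * @return a new token with the UGI authorities, or the argument itself when it is
 *         {@code null} or not authenticated
 */
public Authentication getAuthenticationWithGrantedAuthorityFromUGI(Authentication authentication) {
    if (authentication == null || !authentication.isAuthenticated()) {
        return authentication;
    }
    List<GrantedAuthority> grantedAuthsUGI = getAuthoritiesFromUGI(authentication.getName());
    // getCredentials() may legitimately be null (for example once credentials were erased);
    // fall back to an empty password string instead of failing on toString().
    Object credentials = authentication.getCredentials();
    String password = (credentials == null) ? "" : credentials.toString();
    // NOTE(review): if the credentials object is the clear-text password, it is copied into
    // both the UserDetails and the token; confirm that credentials are erased once
    // authentication completes.
    final UserDetails userDetails = new User(authentication.getName(), password, grantedAuthsUGI);
    UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(userDetails, credentials, grantedAuthsUGI);
    result.setDetails(authentication.getDetails());
    return result;
}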
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) User(org.springframework.security.core.userdetails.User) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
