Example 91 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project vft-capture by videofirst.

the class EncryptedLockOutSupportAuthenticationProvider method getAuthorities.

// Private methods
private Collection<? extends GrantedAuthority> getAuthorities(String role) {
    Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
    authorities.add(new SimpleGrantedAuthority(role));
    return Collections.unmodifiableSet(authorities);
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) HashSet(java.util.HashSet)

Example 92 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project CzechIdMng by bcvsolutions.

the class AuthorizationPolicyDeletePermissionsChangeProcessor method process.

@Override
public EventResult<IdmAuthorizationPolicyDto> process(EntityEvent<IdmAuthorizationPolicyDto> event) {
    IdmAuthorizationPolicyDto entity = event.getContent();
    Set<GrantedAuthority> currentRolePermissions = service.getEnabledRoleAuthorities(null, entity.getRole());
    Set<GrantedAuthority> persistedRolePermissions = service.getEnabledPersistedRoleAuthorities(null, entity.getRole());
    // 
    if (!currentRolePermissions.equals(persistedRolePermissions)) {
        updateIdentitiesAuthChangeInRole(entity.getRole());
    }
    // 
    return new DefaultEventResult<>(event, this);
}
Also used : GrantedAuthority(org.springframework.security.core.GrantedAuthority) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)

Example 93 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project CzechIdMng by bcvsolutions.

the class DefaultIdmAuthorizationPolicyService method getGrantedAuthorities.

@Override
@Transactional(readOnly = true)
public Set<GrantedAuthority> getGrantedAuthorities(UUID identityId, List<IdmAuthorizationPolicyDto> policies) {
    final Set<GrantedAuthority> authorities = new HashSet<>();
    // find all active policies and return their authority by authorizable type
    for (IdmAuthorizationPolicyDto policy : policies) {
        // evaluate policy permissions - authorities are evaluated on null entity
        String groupPermission = policy.getGroupPermission();
        Set<String> baseAuthorities = getAuthorizationManager().getAuthorities(identityId, policy);
        // 
        if (IdmGroupPermission.APP.getName().equals(groupPermission) || (StringUtils.isEmpty(groupPermission) && baseAuthorities.contains(IdmBasePermission.ADMIN.getName()))) {
            // admin
            return Sets.newHashSet(new DefaultGrantedAuthority(IdmGroupPermission.APP.getName(), IdmBasePermission.ADMIN.getName()));
        }
        if (StringUtils.isEmpty(groupPermission)) {
            if (baseAuthorities.contains(IdmBasePermission.ADMIN.getName())) {
                // all groups => synonym to APP_ADMIN
                authorities.add(new DefaultGrantedAuthority(IdmGroupPermission.APP.getName(), IdmBasePermission.ADMIN.getName()));
            } else {
                // some base permission only
                moduleService.getAvailablePermissions().forEach(availableGroupPermission -> {
                    if (IdmGroupPermission.APP != availableGroupPermission) {
                        // app is wildcard only - skipping
                        for (String permission : baseAuthorities) {
                            authorities.add(new DefaultGrantedAuthority(availableGroupPermission.getName(), permission));
                        }
                    }
                });
            }
        } else if (baseAuthorities.contains(IdmBasePermission.ADMIN.getName())) {
            authorities.add(new DefaultGrantedAuthority(groupPermission, IdmBasePermission.ADMIN.getName()));
        } else {
            for (String permission : baseAuthorities) {
                authorities.add(new DefaultGrantedAuthority(groupPermission, permission));
            }
        }
    }
    // 
    return authorities;
}
Also used : DefaultGrantedAuthority(eu.bcvsolutions.idm.core.security.api.domain.DefaultGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) HashSet(java.util.HashSet) Transactional(org.springframework.transaction.annotation.Transactional)

Example 94 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project CzechIdMng by bcvsolutions.

the class TestAppAuthenticationFilter method authorize.

@Override
public boolean authorize(String token, HttpServletRequest request, HttpServletResponse response) {
    try {
        Optional<Jwt> jwt = HttpFilterUtils.parseToken(token);
        if (!jwt.isPresent()) {
            return false;
        }
        Map<String, Object> claims = verifyTokenAndGetClaims(jwt.get());
        String userName = (String) claims.get(HttpFilterUtils.JWT_USER_NAME);
        IdmIdentityDto identity = identityService.getByUsername(userName);
        // not important - either new refreshed token or data are returned to user
        DateTime expiration = null;
        Collection<GrantedAuthority> authorities = null;
        if (shouldGrantAuthoritiesForPath(request.getServletPath())) {
            authorities = grantedAuthoritiesFactory.getGrantedAuthoritiesForIdentity(identity.getId());
        } else {
            authorities = new ArrayList<>();
        }
        IdmJwtAuthentication ija = new IdmJwtAuthentication(identity, expiration, authorities, EntityUtils.getModule(this.getClass()));
        SecurityContextHolder.getContext().setAuthentication(ija);
        return true;
    } catch (Exception e) {
        e.printStackTrace();
    }
    return false;
}
Also used : Jwt(org.springframework.security.jwt.Jwt) GrantedAuthority(org.springframework.security.core.GrantedAuthority) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) DateTime(org.joda.time.DateTime) ValidationException(javax.validation.ValidationException)

Example 95 with GrantedAuthority

use of org.springframework.security.core.GrantedAuthority in project CzechIdMng by bcvsolutions.

the class JwtAuthenticationMapper method fromDto.

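/**
 * Converts dto to authentication.
 *
 * @param dto authentication dto to convert, must not be null
 * @return authentication built from the dto's identities, timestamps, authorities and module
 */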
public IdmJwtAuthentication fromDto(IdmJwtAuthenticationDto dto) {
    Assert.notNull(dto);
    // 
    Collection<DefaultGrantedAuthorityDto> authorities = dto.getAuthorities();
    List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
    if (authorities != null) {
        for (DefaultGrantedAuthorityDto a : authorities) {
            grantedAuthorities.add(new DefaultGrantedAuthority(a.getAuthority()));
        }
    }
    IdmJwtAuthentication authentication = new IdmJwtAuthentication(new IdmIdentityDto(dto.getCurrentIdentityId(), dto.getCurrentUsername()), new IdmIdentityDto(dto.getOriginalIdentityId(), dto.getOriginalUsername()), dto.getExpiration(), dto.getIssuedAt(), grantedAuthorities, dto.getFromModule());
    return authentication;
}
Also used : DefaultGrantedAuthorityDto(eu.bcvsolutions.idm.core.security.api.dto.DefaultGrantedAuthorityDto) DefaultGrantedAuthority(eu.bcvsolutions.idm.core.security.api.domain.DefaultGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
