Example 56 with SecurityContext
use of org.springframework.security.core.context.SecurityContext in project ORCID-Source by ORCID.
the class OrcidTogglzConfiguration method getUserProvider.
@Override
public UserProvider getUserProvider() {
return new UserProvider() {
@Override
public FeatureUser getCurrentUser() {
boolean isAdmin = false;
String userOrcid = null;
SecurityContext context = SecurityContextHolder.getContext();
if (context != null && context.getAuthentication() != null) {
Authentication authentication = context.getAuthentication();
if (authentication != null) {
Object principal = authentication.getPrincipal();
if (principal instanceof OrcidProfileUserDetails) {
OrcidProfileUserDetails userDetails = (OrcidProfileUserDetails) principal;
isAdmin = OrcidType.ADMIN.equals(userDetails.getOrcidType());
userOrcid = userDetails.getOrcid();
}
}
}
return new SimpleFeatureUser(userOrcid, isAdmin);
}
};
}
Also used :
UserProvider(org.togglz.core.user.UserProvider)
SimpleFeatureUser(org.togglz.core.user.SimpleFeatureUser)
Authentication(org.springframework.security.core.Authentication)
SecurityContext(org.springframework.security.core.context.SecurityContext)
OrcidProfileUserDetails(org.orcid.core.oauth.OrcidProfileUserDetails)
Example 57 with SecurityContext
use of org.springframework.security.core.context.SecurityContext in project ORCID-Source by ORCID.
the class OrcidSecurityManagerImpl method getClientIdFromAPIRequest.
@Override
public String getClientIdFromAPIRequest() {
SecurityContext context = SecurityContextHolder.getContext();
Authentication authentication = context.getAuthentication();
if (authentication != null && OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) authentication;
OAuth2Request request = oAuth2Authentication.getOAuth2Request();
return request.getClientId();
}
return null;
}
Also used :
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Authentication(org.springframework.security.core.Authentication)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
SecurityContext(org.springframework.security.core.context.SecurityContext)
Example 58 with SecurityContext
use of org.springframework.security.core.context.SecurityContext in project ORCID-Source by ORCID.
the class BaseControllerUtilTest method getCurrentUserWrongAuthenticationClass.
@Test
public void getCurrentUserWrongAuthenticationClass() {
SecurityContext context = mock(SecurityContext.class);
TestingAuthenticationToken testingAuthenticationToken = mock(TestingAuthenticationToken.class);
when(context.getAuthentication()).thenReturn(testingAuthenticationToken);
assertNull(baseControllerUtil.getCurrentUser(context));
}
Also used :
SecurityContext(org.springframework.security.core.context.SecurityContext)
TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken)
Example 59 with SecurityContext
use of org.springframework.security.core.context.SecurityContext in project ORCID-Source by ORCID.
the class BaseControllerUtilTest method getCurrentUserUsernamePasswordAuthenticationToken.
@Test
public void getCurrentUserUsernamePasswordAuthenticationToken() {
SecurityContext context = mock(SecurityContext.class);
UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = mock(UsernamePasswordAuthenticationToken.class);
OrcidProfileUserDetails orcidProfileUserDetails = mock(OrcidProfileUserDetails.class);
when(context.getAuthentication()).thenReturn(usernamePasswordAuthenticationToken);
when(usernamePasswordAuthenticationToken.getPrincipal()).thenReturn(orcidProfileUserDetails);
assertNotNull(baseControllerUtil.getCurrentUser(context));
}
Also used :
SecurityContext(org.springframework.security.core.context.SecurityContext)
OrcidProfileUserDetails(org.orcid.core.oauth.OrcidProfileUserDetails)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
Example 60 with SecurityContext
use of org.springframework.security.core.context.SecurityContext in project ORCID-Source by ORCID.
the class BaseControllerUtilTest method getCurrentUserNoAuthentication.
@Test
public void getCurrentUserNoAuthentication() {
SecurityContext context = mock(SecurityContext.class);
assertNull(baseControllerUtil.getCurrentUser(context));
}
Also used :
SecurityContext(org.springframework.security.core.context.SecurityContext)
Aggregations
SecurityContext (org.springframework.security.core.context.SecurityContext)147
Test (org.junit.Test)65
Authentication (org.springframework.security.core.Authentication)63
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)46
SecurityContextImpl (org.springframework.security.core.context.SecurityContextImpl)46
MifosUser (org.mifos.security.MifosUser)38
MifosUserBuilder (org.mifos.builders.MifosUserBuilder)29
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)21
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)19
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)19
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)16
HttpServletResponse (javax.servlet.http.HttpServletResponse)15
Before (org.junit.Before)15
GrantedAuthority (org.springframework.security.core.GrantedAuthority)13
ArrayList (java.util.ArrayList)10
HttpServletRequest (javax.servlet.http.HttpServletRequest)8
PrepareOnlyThisForTest (org.powermock.core.classloader.annotations.PrepareOnlyThisForTest)7
SessionDestroyedEvent (org.springframework.security.core.session.SessionDestroyedEvent)7
HttpSession (javax.servlet.http.HttpSession)6
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)6
