Search in sources :

Example 56 with UserDetails

use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.

the class PreAuthenticatedAuthenticationProviderTests method authenticateIgnoreCredentials.

@Test
public final void authenticateIgnoreCredentials() throws Exception {
    UserDetails ud = new User("dummyUser1", "dummyPwd1", true, true, true, true, AuthorityUtils.NO_AUTHORITIES);
    PreAuthenticatedAuthenticationProvider provider = getProvider(ud);
    Authentication request = new PreAuthenticatedAuthenticationToken("dummyUser1", "dummyPwd2");
    Authentication result = provider.authenticate(request);
    assertThat(result).isNotNull();
    assertThat(ud).isEqualTo(result.getPrincipal());
// @TODO: Add more asserts?
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) User(org.springframework.security.core.userdetails.User) Authentication(org.springframework.security.core.Authentication) Test(org.junit.Test)

Example 57 with UserDetails

use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.

the class PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests method testGetUserDetails.

private void testGetUserDetails(final String userName, final List<GrantedAuthority> gas) {
    PreAuthenticatedGrantedAuthoritiesUserDetailsService svc = new PreAuthenticatedGrantedAuthoritiesUserDetailsService();
    PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(userName, "dummy");
    token.setDetails(new GrantedAuthoritiesContainer() {

        public Collection<? extends GrantedAuthority> getGrantedAuthorities() {
            return gas;
        }
    });
    UserDetails ud = svc.loadUserDetails(token);
    assertThat(ud.isAccountNonExpired()).isTrue();
    assertThat(ud.isAccountNonLocked()).isTrue();
    assertThat(ud.isCredentialsNonExpired()).isTrue();
    assertThat(ud.isEnabled()).isTrue();
    assertThat(userName).isEqualTo(ud.getUsername());
    // Password is not saved by
    // PreAuthenticatedGrantedAuthoritiesUserDetailsService
    // assertThat(password).isEqualTo(ud.getPassword());
    assertThat(gas.containsAll(ud.getAuthorities()) && ud.getAuthorities().containsAll(gas)).withFailMessage("GrantedAuthority collections do not match; result: " + ud.getAuthorities() + ", expected: " + gas).isTrue();
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) GrantedAuthoritiesContainer(org.springframework.security.core.authority.GrantedAuthoritiesContainer) GrantedAuthority(org.springframework.security.core.GrantedAuthority)

Example 58 with UserDetails

use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.

the class SwitchUserFilterTests method modificationOfAuthoritiesWorks.

@Test
public void modificationOfAuthoritiesWorks() {
    UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("dano", "hawaii50");
    SecurityContextHolder.getContext().setAuthentication(auth);
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
    SwitchUserFilter filter = new SwitchUserFilter();
    filter.setUserDetailsService(new MockUserDetailsService());
    filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {

        public Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<? extends GrantedAuthority> authoritiesToBeGranted) {
            List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
            auths.add(new SimpleGrantedAuthority("ROLE_NEW"));
            return auths;
        }
    });
    Authentication result = filter.attemptSwitchUser(request);
    assertThat(result != null).isTrue();
    assertThat(result.getAuthorities()).hasSize(2);
    assertThat(AuthorityUtils.authorityListToSet(result.getAuthorities())).contains("ROLE_NEW");
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication)

Example 59 with UserDetails

use of org.springframework.security.core.userdetails.UserDetails in project spring-security-oauth by spring-projects.

the class PhotoServiceImpl method getPhotosForCurrentUser.

public Collection<PhotoInfo> getPhotosForCurrentUser() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication.getPrincipal() instanceof UserDetails) {
        UserDetails details = (UserDetails) authentication.getPrincipal();
        String username = details.getUsername();
        ArrayList<PhotoInfo> infos = new ArrayList<PhotoInfo>();
        for (PhotoInfo info : getPhotos()) {
            if (username.equals(info.getUserId())) {
                infos.add(info);
            }
        }
        return infos;
    } else {
        throw new BadCredentialsException("Bad credentials: not a username/password authentication.");
    }
}
Also used : PhotoInfo(org.springframework.security.oauth.examples.sparklr.PhotoInfo) UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication) ArrayList(java.util.ArrayList) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)

Example 60 with UserDetails

use of org.springframework.security.core.userdetails.UserDetails in project spring-security-oauth by spring-projects.

the class DefaultUserAuthenticationConverter method extractAuthentication.

public Authentication extractAuthentication(Map<String, ?> map) {
    if (map.containsKey(USERNAME)) {
        Object principal = map.get(USERNAME);
        Collection<? extends GrantedAuthority> authorities = getAuthorities(map);
        if (userDetailsService != null) {
            UserDetails user = userDetailsService.loadUserByUsername((String) map.get(USERNAME));
            authorities = user.getAuthorities();
            principal = user;
        }
        return new UsernamePasswordAuthenticationToken(principal, "N/A", authorities);
    }
    return null;
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)

Aggregations

UserDetails (org.springframework.security.core.userdetails.UserDetails)111 Test (org.junit.Test)42 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)33 Authentication (org.springframework.security.core.Authentication)32 GrantedAuthority (org.springframework.security.core.GrantedAuthority)17 UserDetailsService (org.springframework.security.core.userdetails.UserDetailsService)15 User (org.springframework.security.core.userdetails.User)14 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)10 BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)9 UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)8 HttpServletRequest (javax.servlet.http.HttpServletRequest)7 LdapUserDetailsService (org.springframework.security.ldap.userdetails.LdapUserDetailsService)7 UserAccountBean (org.akaza.openclinica.bean.login.UserAccountBean)6 UserAccountDAO (org.akaza.openclinica.dao.login.UserAccountDAO)6 Transactional (org.springframework.transaction.annotation.Transactional)6 Date (java.util.Date)4 User (org.apache.atlas.web.model.User)4 User (org.hisp.dhis.user.User)4 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)4 AuthenticationException (org.springframework.security.core.AuthenticationException)4