use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.
the class PreAuthenticatedAuthenticationProviderTests method authenticateIgnoreCredentials.
@Test
public final void authenticateIgnoreCredentials() throws Exception {
UserDetails ud = new User("dummyUser1", "dummyPwd1", true, true, true, true, AuthorityUtils.NO_AUTHORITIES);
PreAuthenticatedAuthenticationProvider provider = getProvider(ud);
Authentication request = new PreAuthenticatedAuthenticationToken("dummyUser1", "dummyPwd2");
Authentication result = provider.authenticate(request);
assertThat(result).isNotNull();
assertThat(ud).isEqualTo(result.getPrincipal());
// @TODO: Add more asserts?
}
use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.
the class PreAuthenticatedGrantedAuthoritiesUserDetailsServiceTests method testGetUserDetails.
private void testGetUserDetails(final String userName, final List<GrantedAuthority> gas) {
PreAuthenticatedGrantedAuthoritiesUserDetailsService svc = new PreAuthenticatedGrantedAuthoritiesUserDetailsService();
PreAuthenticatedAuthenticationToken token = new PreAuthenticatedAuthenticationToken(userName, "dummy");
token.setDetails(new GrantedAuthoritiesContainer() {
public Collection<? extends GrantedAuthority> getGrantedAuthorities() {
return gas;
}
});
UserDetails ud = svc.loadUserDetails(token);
assertThat(ud.isAccountNonExpired()).isTrue();
assertThat(ud.isAccountNonLocked()).isTrue();
assertThat(ud.isCredentialsNonExpired()).isTrue();
assertThat(ud.isEnabled()).isTrue();
assertThat(userName).isEqualTo(ud.getUsername());
// Password is not saved by
// PreAuthenticatedGrantedAuthoritiesUserDetailsService
// assertThat(password).isEqualTo(ud.getPassword());
assertThat(gas.containsAll(ud.getAuthorities()) && ud.getAuthorities().containsAll(gas)).withFailMessage("GrantedAuthority collections do not match; result: " + ud.getAuthorities() + ", expected: " + gas).isTrue();
}
use of org.springframework.security.core.userdetails.UserDetails in project spring-security by spring-projects.
the class SwitchUserFilterTests method modificationOfAuthoritiesWorks.
@Test
public void modificationOfAuthoritiesWorks() {
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("dano", "hawaii50");
SecurityContextHolder.getContext().setAuthentication(auth);
MockHttpServletRequest request = new MockHttpServletRequest();
request.addParameter(SwitchUserFilter.SPRING_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
SwitchUserFilter filter = new SwitchUserFilter();
filter.setUserDetailsService(new MockUserDetailsService());
filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {
public Collection<GrantedAuthority> modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, Collection<? extends GrantedAuthority> authoritiesToBeGranted) {
List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
auths.add(new SimpleGrantedAuthority("ROLE_NEW"));
return auths;
}
});
Authentication result = filter.attemptSwitchUser(request);
assertThat(result != null).isTrue();
assertThat(result.getAuthorities()).hasSize(2);
assertThat(AuthorityUtils.authorityListToSet(result.getAuthorities())).contains("ROLE_NEW");
}
use of org.springframework.security.core.userdetails.UserDetails in project spring-security-oauth by spring-projects.
the class PhotoServiceImpl method getPhotosForCurrentUser.
public Collection<PhotoInfo> getPhotosForCurrentUser() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication.getPrincipal() instanceof UserDetails) {
UserDetails details = (UserDetails) authentication.getPrincipal();
String username = details.getUsername();
ArrayList<PhotoInfo> infos = new ArrayList<PhotoInfo>();
for (PhotoInfo info : getPhotos()) {
if (username.equals(info.getUserId())) {
infos.add(info);
}
}
return infos;
} else {
throw new BadCredentialsException("Bad credentials: not a username/password authentication.");
}
}
use of org.springframework.security.core.userdetails.UserDetails in project spring-security-oauth by spring-projects.
the class DefaultUserAuthenticationConverter method extractAuthentication.
public Authentication extractAuthentication(Map<String, ?> map) {
if (map.containsKey(USERNAME)) {
Object principal = map.get(USERNAME);
Collection<? extends GrantedAuthority> authorities = getAuthorities(map);
if (userDetailsService != null) {
UserDetails user = userDetailsService.loadUserByUsername((String) map.get(USERNAME));
authorities = user.getAuthorities();
principal = user;
}
return new UsernamePasswordAuthenticationToken(principal, "N/A", authorities);
}
return null;
}
Aggregations