security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SecurityUtils.java

   1 /*
   2  * Copyright (C) 2007-2012 Mathieu Baudier
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *         http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package org.argeo.security;
  17
  18 import org.springframework.security.Authentication;
  19 import org.springframework.security.GrantedAuthority;
  20 import org.springframework.security.context.SecurityContext;
  21 import org.springframework.security.context.SecurityContextHolder;
  22 import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
  23
  24 /** Static utilities */
  25 public class SecurityUtils {
  26
  27         private SecurityUtils() {
  28         }
  29
  30         /** Whether the current thread has the admin role */
  31         public static boolean hasCurrentThreadAuthority(String authority) {
  32                 SecurityContext securityContext = SecurityContextHolder.getContext();
  33                 if (securityContext != null) {
  34                         Authentication authentication = securityContext.getAuthentication();
  35                         if (authentication != null) {
  36                                 for (GrantedAuthority ga : authentication.getAuthorities())
  37                                         if (ga.getAuthority().equals(authority))
  38                                                 return true;
  39                         }
  40                 }
  41                 return false;
  42         }
  43
  44         /**
  45          * @return the authenticated username or null if not authenticated /
  46          *         anonymous
  47          */
  48         public static String getCurrentThreadUsername() {
  49                 SecurityContext securityContext = SecurityContextHolder.getContext();
  50                 if (securityContext != null) {
  51                         Authentication authentication = securityContext.getAuthentication();
  52                         if (authentication != null) {
  53                                 if (authentication instanceof AnonymousAuthenticationToken) {
  54                                         return null;
  55                                 }
  56                                 return authentication.getName();
  57                         }
  58                 }
  59                 return null;
  60         }
  61
  62         /**
  63          * Returns the display name of the user details (by calling toString() on
  64          * it)
  65          */
  66         public static String getUserDetailsDisplayName() {
  67                 SecurityContext securityContext = SecurityContextHolder.getContext();
  68                 if (securityContext != null) {
  69                         Authentication authentication = securityContext.getAuthentication();
  70                         if (authentication != null) {
  71                                 if (authentication instanceof AnonymousAuthenticationToken) {
  72                                         return null;
  73                                 }
  74                                 Object details = authentication.getDetails();
  75                                 if (details != null)
  76                                         return details.toString();
  77                                 return authentication.getName();
  78                         }
  79                 }
  80                 return null;
  81         }
  82 }